Frameworks

ISO 42001

International Organization for Standardization(ISO)

ISO/IEC 42001 is the international standard that specifies requirements and provides guidance for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within the context of an organization.

MITRE ATLAS

MITRE

ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) is a globally accessible, living knowledge base of adversary tactics and techniques against Al-enabled systems based on real-world attack observations and realistic demonstrations from Al red teams and security groups.

ICS ATT&CK

MITRE

MITRE ATT&CK® for ICS is a globally-accessible knowledge base of adversary tactics and techniques reflecting real-world observations of cyber attacks against Industrial Control Systems (ICS). It is tailored specifically to the unique operational technology (OT) environments, adversary behaviors, and attack methods found in critical infrastructure sectors like manufacturing, energy, and utilities. The framework focuses on the actions attackers take to compromise or disrupt physical processes, often by targeting devices and protocols unique to ICS.

Mobile ATT&CK

MITRE

MITRE ATT&CK® for Mobile is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations of mobile device attacks. The framework is tailored to the unique attack vectors of mobile platforms, covering techniques for both Android and iOS. It details adversary behaviors from initial access (e.g., Phishing, Drive-by Compromise) and device-level exploitation to network-based effects that can be used without direct device access.

MITRE D3FEND

MITRE

Extracted Defensive Tactics and their Techniques / Sub-techniques from MITRE D3FEND.

NIST AI RMF

National Institute of Standards and Technology

The NIST AI Risk Management Framework is intended for voluntary use and to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems.

ISO 27001

International Organization for Standardization(ISO)

ISO/IEC 27001:2022 is the preeminent international standard for establishing, implementing, and maintaining an Information Security Management System (ISMS). Unlike strictly technical frameworks, ISO 27001 adopts a risk-based, holistic approach that synchronizes people, processes, and technology to safeguard the confidentiality, integrity, and availability of data. It serves as a governance umbrella, providing a structured methodology for organizations of any size to proactively identify vulnerabilities and manage cyber risks within a cycle of continuous improvement. \The framework’s controls are utilized to transition from reactive security to a state of operational excellence and global compliance. By implementing these standardized safeguards, organizations can demonstrate best-practice security to stakeholders, satisfy stringent regulatory requirements, and build a resilient defense against an evolving threat landscape. While NIST CSF focuses on cybersecurity outcomes and MITRE ATT&CK maps specific adversary behaviors, ISO 27001 provides the rigorous management foundation and auditable certification necessary for long-term security governance and trust.

Enterprise ATT&CK

MITRE

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques...

Insider Threat Matrix

Forscie

The Insider Threat Matrix™ (ITM) is designed to help investigators map the trajectory of an insider incident—both before and after an infringement. It provides a structured approach to categorizing evidence and articulating the motive, means, and methods used by subjects of insider investigations. The ITM unifies diverse concepts and terminology for digital investigators, offering a common language that bridges people, processes, and technology. Its goal is to improve how we address the growing challenge of computer-enabled insider threats.

Cyber Kill Chain

Lockheed Martin

A comprehensive capability mapping framework based on the Lockheed Martin Cyber Kill Chain. This model maps defensive capabilities against the seven universal phases of an intrusion. It provides deep context for each 'Course of Action' (Detect, Deny, Disrupt, Degrade, Deceive, Destroy), detailing exactly how that specific defensive maneuver mitigates the adversary's unique objectives in that specific phase of the attack lifecycle.

MITRE ENGAGE

MITRE

MITRE ENGAGE™ (Adversary Engagement Guidance) is a framework of defensive cyber engagement goals, approaches, and activities based on real-world threat interactions.

PBOM OSCAR

OSCAR Project (Source)

A behavioral model based on the Open Software Supply Chain Attack Reference (OSC&R) from the PBOM.dev community. It catalogs adversary tactics and techniques specifically targeting the software supply chain, including CI/CD pipelines, code repositories, and open-source dependencies.

ESP Products Taxonomy

ESPROFILER

A structured catalog of cybersecurity domains and categories that are commonly observed across the cybersecurity industry.

Mitre F3

MITRE

The MITRE Fight Fraud Framework™ (F3) is a curated knowledge base of tactics and techniques used by financial fraud actors, derived from real-world observations of cyber fraud incidents. The framework includes behaviors that characterize known fraud TTPs and references existing MITRE ATT&CK® cyber techniques as applicable to financial fraud. F3 provides a common structure and taxonomy to consistently describe and enumerate the material events of a cyber fraud incident, enabling stronger collaboration on fraud prevention, detection, and response across organizational teams. The knowledge base is globally accessible, open, and available at no charge to any person or organization.

NIST CSF

National Institute of Standards and Technology

The NIST Cybersecurity Framework (CSF) 2.0 is a voluntary framework consisting of standards, guidelines, and best practices to manage cybersecurity risk. Created through collaboration between government and the private sector, it provides a common organizing structure for multiple approaches to cybersecurity by assembling standards, guidelines, and practices that are working effectively today. The Framework is not a one-size-fits-all approach to managing cybersecurity risk; organizations should use it as a starting point to determine their specific needs.

Cyber Defence Matrix

Sounil Yu

The Cyber Defence Matrix is a security framework that maps defensive functions (Identify, Protect, Detect, Respond, Recover) against key asset owners (Customer, Third Party, Employee, Threat Actor) and asset classes (Devices, Networks, Applications, Data, Users) to structure and organize cybersecurity capabilities.

CIS Controls

Center for Internet Security

The CIS Critical Security Controls (CIS Controls) are a prescriptive, prioritized, and simplified set of best practices that you can use to strengthen your cybersecurity posture. Today, thousands of cybersecurity practitioners from around the world use the CIS Controls and/or contribute to their development via a community consensus process.

NCSC CAF

National Cyber Security Centre (NCSC)

A compliance framework from the UK's National Cyber Security Centre (NCSC) for organizations operating the UK's vital services (e.g., CNI, NIS-regulated). It defines key outcomes and principles to help these organizations achieve and demonstrate cyber resilience for their 'essential functions' across both IT and Operational Technology (OT) systems.