MITRE, according to mitre.org, “…is a not-for-profit organization chartered to work in the public interest. As a national resource, we apply our expertise in systems engineering, information technology, operational concepts, and enterprise modernization to address our sponsors' critical needs.” The organization, which is actually at 501(c)(3) organization, has thousands of scientists and employees working on a broad range of specialties, ranging from aerospace to defense, information security, and much more. Of interest to information security specialists are the numerous MITRE websites available that provide excellent reference material and resources relating to systems security and issues, such as the below listed sites:
- Open Source Vulnerability Database (OSVDB) | http://www.osvdb.org/
- Common Configuration Enumeration (CCE) | http://cce.mitre.org/
- Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/
- Common Platform Enumeration (CPE) | http://cpe.mitre.org/
- Common Weakness Enumeration (CWE) | http://cwe.mitre.org/
- Malware (MAEC) | http://maec.mitre.org/
- Cyber Observables (CyboX) | http://cybox.mitre.org/
- Structured Threat Information Expression (STIX) | http://stix.mitre.org/
- Trusted Automated Exchange of Indicator Information (TAXII) | http://taxii.mitre.org/
- Making Security Measurable (MSM) | http://measurablesecurity.mitre.org/
- Open Vulnerability and Assessment Language (OVAL) | https://oval.mitre.org/
- Common Attack Pattern Enumeration and Classification (CAPEC) | http://capec.mitre.org/
Learn more about our signature product, the Global Information Security Compliance Packet (GISCP), the world's most complete security policy packet containing over 2,850 + pages of in-depth information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.
Learn more today about the GISCP by viewing sample policies, forms, hardening documents, and more.
The Importance of Security Policies & Procedures | Learn More
The information provided on many of these sites is very technical, geared for advanced information security specialists. If you’re in the information security field, then the MITRE sites are packed with an incredible amount of useful information, so spend some time learning more about them. Additionally, if you’re also some serious about ensuring the safety and security of organizational assets, then consider the Global Information Security Compliance Packet (GISCP) set of information security policies, procedures – and more – from Flat Iron Technologies, LLC, the undisputed global leaders when it comes to security documentation.
With literally hundreds of policies, procedures, forms, checklists, templates, provisioning and hardening documents – and more – to choose from, the Global Information Security Compliance Packet (GISCP) set of documents is a must-have for meeting today’s growing compliance mandates and cybersecurity threats.