Threat-INFORM Your Defense

Measure & Improve Your SOC Using Real Adversary Behavior

Assess Threat-Informed Defense maturity and turn MITRE INFORM insights into a prioritized, actionable improvement plan.

Talk to an Expert

What This Service Delivers

Threat-Informed Defense
Maturity Baseline

Assess how Threat-Informed Defense (TID) is applied across people, process, and technology using the INFORM model to establish a repeatable maturity baseline.

Alignment on Gaps
and Priorities

Align security teams on strengths and gaps, identify misaligned effort, and prioritize improvements based on adversary relevance.

Actionable Improvement
Roadmap

Translate assessment results into prioritized actions, define near- and long-term improvements, and establish ownership and reassessment cadence.

Learn More

How the Engagement Works

Train

Build the Foundation

A focused workshop aligns participants on:

Align stakeholders on TID principles
Apply adversary behavior to defensive decision-making
Review MITRE ATT&CK (optional)
Understand INFORM maturity model structure and scoring

Measure

Establish the Baseline

A facilitated tabletop exercise:

Evaluate INFORM dimensions and maturity levels
Document current TID practices as they exist today
Establish consensus scoring across participants

Advance

Drive Improvement

Assessment results are used to:

Define a tailored improvement roadmap and action plan
Identify near- and long-term actions aligned to adversary behavior
Establish ownership and reassessment cadence

What You’ll Walk Away With

A documented INFORM-based assessment of current TID maturity

A shared, consensus view of strengths and gaps across security stakeholders

A clear cadence for reassessment, measurement, and ongoing maturity tracking

A prioritized improvement roadmap with defined actions and ownership

Throughout the engagement, AttackIQ advisors provide hands-on guidance to support ongoing Threat-Informed Defense maturity.

Why AttackIQ

AttackIQ provides Continuous Threat Exposure Management (CTEM) solutions that validate security controls using real-world adversary behavior. AttackIQ is a founding Research Partner of MITRE’s Center for Threat-Informed Defense and has contributed directly to the INFORM maturity model.

Ready to
get started?

Assess Threat-Informed Defense maturity and define your next steps for improvement.

Talk to an Expert

Featured Articles

  • Threat-INFORM Your Defenses

    MITRE’s INFORM maturity model helps organizations adopt threat-informed defense. Learn what’s new in the latest update and how to baseline posture, prioritize investments, and measure progress against real threats.
    Watch Now
  • Threat Research

    INFORM 2026: MITRE’s Updated Threat-Informed Defense Maturity Model Explained

    On January 8th, MITRE’s Center for Threat-Informed Defense (CTID) published a significant update to INFORM, its threat-informed defense maturity model. This update reflects the joint efforts of MITRE researchers, AttackIQ, and several CTID members to enhance INFORM based on two years of operational use and broad security community feedback.
    Read More

  • INFORM: Advance Your Threat-Informed Defense

    eatured Resource From Security Gaps to Continuous Validation Point-in-time security tests aren’t enough. Continuous validation ensures your defenses are always ready by proactively identifying and addressing threat exposure. Learn how AEV enhances your security posture through the five stages of CTEM—before attackers can exploit them.
    Read More