Links
This article outlines the updates in MITRE ATT&CK v18, focusing on new Detection Strategies and Analytics that enhance the framework's usability for cyber defenders. It details improvements in coverage across various domains, including enterprise, mobile, and industrial control systems, as well as the introduction of the ATT&CK Advisory Council for community input.
MITRE has launched ESTM 3.0, a security framework tailored for embedded systems. This updated tool enhances cyber threat modeling and integrates with existing security frameworks, aiming to foster community contributions for further development.
The CVE program, critical for global cybersecurity, narrowly avoided closure after its funding contract with the DHS was extended for 11 months. Concerns over the potential impacts of a service disruption prompted CVE board members to establish the CVE Foundation to ensure the program's future stability.
KANVAS is an incident response case management tool designed for investigators, featuring a user-friendly desktop interface built in Python. It streamlines workflows by enabling collaboration on spreadsheets, offering visualization tools for attack chains and incident timelines, and integrating various API insights for enhanced data analysis. Key functionalities include one-click data sanitization, MITRE mapping, and reporting capabilities, making it a comprehensive tool for handling cybersecurity incidents.
The EU cyber agency ENISA has introduced the EU Vulnerability Database (EUVD) to enhance vulnerability tracking, coinciding with ongoing funding challenges faced by MITRE's CVE program. Experts suggest this move reflects Europe’s desire for greater autonomy in cybersecurity, with the EUVD aiming to complement existing systems rather than replace them.