CTMF is a comprehensive framework built upon the OODA (Observe, Orient, Decide, Act) decision cycle that enables cyber threat management with the speed and agility needed in today's real-time dynamic threat environment.
Observe
Detect use case development
Content architecture
Use case optimization
Use case control testing
Honeypot development
Sensor data
Use case cost modeling
Orient
Intelligence gathering
Intelligence data mining
Risk assessment
Control assessment
Behavior modeling
Context enrichment
Threat data warehousing
Security Data Science
Decide
Situational awareness
Automated triage
Security analyst (human) triage
Act
Malware Analysis
Automating responses
Incident Response
Response operations
Security Operations Center