
New architecture aligns with MITRE ATT&CK® V19 and Tidal Cyber procedural-led threat intelligence
RESTON, Va., May 13, 2026 /PRNewswire/ -- Tidal Cyber, the category creator and global leader in Threat-Led Defense, today announced a major advancement to its platform with the separation of MITRE ATT&CK® intelligence from Tidal Cyber's proprietary threat intelligence (CTI). The release aligns with MITRE ATT&CK Version 19 (V19), a significant update that restructures how defenders categorize and respond to adversary behavior.
As ATT&CK evolves, organizations face increasing challenges translating technique-level mapping into actionable defense. Tidal Cyber's new architecture addresses this gap by clearly separating intelligence sources and operationalizing procedure-level CTI that shows how attacks are actually executed.
"ATT&CK continues to be foundational to how the industry understands adversary behavior, but the market is reaching a point where structure alone is not enough," said Rick Gordon, CEO and Co-founder of Tidal Cyber. "As threat volume and complexity increase, organizations need to move beyond mapping threats to actually stopping them. This shift enables security teams to focus on execution and where attacks succeed or fail to make more informed decisions faster."
With this release, Tidal Cyber formally distinguishes:
- MITRE ATT&CK as the industry-standard structure for techniques
- Tidal Cyber CTI delivering procedure-level intelligence aligned to the defensive stack
This separation eliminates the challenges of fragmented and blended intelligence, enabling organizations to clearly understand how attacks execute, where defenses fail, and what actions to take beyond ATT&CK techniques, which can be abstract.
The announcement coincides with the release of MITRE ATT&CK V19, which introduces a major structural shift with the retirement of the "Defense Evasion" tactic and its division into Stealth and Impair Defenses. This evolution reflects modern adversary behavior, where attackers first evade detection and then actively degrade security controls before executing attacks.
While ATT&CK V19 improves the categorization of adversary behavior, it also increases operational complexity for security teams, requiring updates to detection strategies, playbooks, and workflows.
"Tidal Cyber was built on procedures and that understanding of how adversaries actually execute attacks as the foundation of effective defense," said Frank Duff, Chief Innovation Officer and Co-founder of Tidal Cyber. "By separating MITRE ATT&CK from Tidal Cyber CTI, we elevate procedures as the core unit of analysis, giving teams the execution-level clarity they need to understand where they are exposed, where defenses break, and what to do next."
Tidal Cyber's platform connects threat intelligence, procedures, vulnerabilities, assets, and defenses into a unified model that enables organizations to:
- Ingest vulnerability data and its impact on procedures and the likelihood of an attack
- Prioritize based on attacker execution, not severity
- Identify where defenses fail in real attack execution
- Translate intelligence into actionable procedure-led security decisions
Historically, organizations have struggled with fragmented threat intelligence, manual ATT&CK reconciliation, and techniques that lack execution context. Tidal Cyber's new architecture resolves these challenges by delivering clear source attribution across MITRE, Tidal Cyber, and other intelligence inputs, ensuring intelligence is trustworthy, consistent, and actionable.
The result is a shift from visibility to defensible outcomes, enabling organizations to operationalize Threat-Led Defense to reduce attacker success and residual risk.
About Tidal Cyber
Tidal Cyber is the creator of Threat-Led Defense, a modern approach to cybersecurity that focuses on understanding and disrupting real adversary execution. By operationalizing procedure-level intelligence, Tidal Cyber enables organizations to prioritize effectively and reduce attacker success and residual risk while aligning defenses to how attacks actually occur.
SOURCE Tidal Cyber