MAEC™ International in scope and free for public use, MAEC is a standardized language for encoding and communicating high-fidelity information about malware based upon attributes such as behaviors, artifacts, and attack patterns.
By eliminating the ambiguity and inaccuracy that currently exists in malware descriptions and by reducing reliance on signatures, MAEC aims to improve human-to-human, human-to-tool, tool-to-tool, and tool-to-human communication about malware; reduce potential duplication of malware analysis efforts by researchers; and allow for the faster development of countermeasures by enabling the ability to leverage responses to previously observed malware instances.
 |
 |
|||||
|
||||||
 |
 |
|||||
FOCUS ON
MAEC Compatibility
MAEC Compatibility provides for a product or service to be reviewed and registered as officially "MAEC-Compatible," thereby assisting organizations in understanding and leveraging the three different types of capabilities that can leverage the MAEC Language: Content Creation Product or Service, Content Repository, and Content Consumer.
Clearly defining and articulating these three capabilities allows enterprises and end users to easily understand how a given product, service, or repository is using the MAEC Language, and thus how their requirements for discussing, analyzing, detecting, and/or preventing malware could be further enhanced through the use of MAEC-Compatible products and services.
If your organization uses or is planning to use MAEC, review the MAEC Compatibility Program for instructions on how to participate and/or contact maec@mitre.org to learn more.
MAEC Python Package Now Available on MAECProject Page on GitHub.com
MAEC 4.0 Overview Briefing Slides Now Available
MAEC Mentioned in Article about Classifying Network Security Attacks on Certshelp.com
MAEC booth at InfoSec World 2013
MAEC Compatibility Section Added to MAEC Web Site
MAEC booth at Black Hat Briefings 2013, July 27-August 1
Version 4.0 of the MAEC Language is now available. Version 4.0 is a major version release and includes the following updates: incorporation of Cyber Observable eXpression (CybOX™) Version 2.0; ability to add AV-Classification results for a malware binary as a first-class property of the MAEC Bundle; ability to characterize minor variations (e.g., the same binary with different filenames) of a Malware Subject as part of the Subject; and addition of a MAEC Default Vocabularies Schema. Read the complete Release Notes.
