MAEC™ International in scope and free for public use, MAEC is a standardized language for encoding and communicating high-fidelity information about malware based upon attributes such as behaviors, artifacts, and attack patterns.
By eliminating the ambiguity and inaccuracy that currently exists in malware descriptions and by reducing reliance on signatures, MAEC aims to improve human-to-human, human-to-tool, tool-to-tool, and tool-to-human communication about malware; reduce potential duplication of malware analysis efforts by researchers; and allow for the faster development of countermeasures by enabling the ability to leverage responses to previously observed malware instances.
 |
 |
|||||
|
||||||
 |
 |
|||||
FOCUS ON
MAEC Language Version 2.0
Version 2.0 of the MAEC Language is now available on the Releases page on the MAEC Web site. This is the second major release of the MAEC Schema, and is focused on adding support for improving the completeness and expressiveness of the schema, particularly in terms of profiling actions performed by malware and the objects that are associated with these actions. Downloads and documentation for this release include the Version 2.0 Schema, and Version 2.0 Example Files.
Feedback on all of these items is welcome on the MAEC Development Group on Handshake, MAEC Discussion List, and/or maec@mitre.org.
Latest News
MAEC Language Version 2.0 Now Available
MITRE Announces Initial "Making Security Measurable" Calendar of Events for 2012
MAEC/CWE/CAPEC/
Software Assurance briefings at DHS/DoD SwA Working Group Meeting Session
Upcoming Events
MAEC/Making Security Measurable booth at RSA Conference 2012, February 27 - March 2, 2012
