MITRE ATT&CK
Leading open-source software engineering for the world's most widely adopted threat intelligence framework
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques, used by thousands of organizations for threat modeling, detection engineering, and security operations. I help lead the software engineering team responsible for the tools and infrastructure that power ATT&CK’s data distribution and community adoption.
Technical Contributions
ATT&CK Data Model
Authored the first codified expression of the ATT&CK taxonomy, a TypeScript library that formalizes the ATT&CK data model and enables type-safe programmatic access to ATT&CK content.
ATT&CK Website
Designed and implemented client-side search for attack.mitre.org. The search runs entirely in-browser using FlexSearch, with precomputed indexes and IndexedDB-backed lookups for fast, offline-capable queries.
TAXII 2.1 Server
Designed, deployed, and maintain the production ATT&CK TAXII 2.1 server, which serves ATT&CK data in STIX format to automated threat intelligence platforms worldwide.
ATT&CK Workbench REST API
Primary developer for the ATT&CK Workbench REST API. I inherited and refactored the codebase for extensibility and am currently implementing release tracks to support more frequent publication.
mitreattack-python
Maintain the mitreattack-python library (published on PyPI). I am leading a refactor to align Python models with the ATT&CK Data Model’s TypeScript schemas for stronger cross-language consistency.