Cookies Policy
We use strictly necessary cookies whilst you are here. These are to enable the website to work and cannot be disabled. To read more about what this means, please see our Privacy Policy.How
April 18, 2025
Introduction
What does it take to improve one of the most widely used cybersecurity frameworks in the world?
Not much, just someone who noticed a gap, asked a clear question, and cared enough to do something about it.
Arachne Digital has submitted our second submission for an update to the MITRE ATT&CK® Enterprise framework, and we thought it was worth showcasing the first submission we made.
A Small Fix. A Real Impact.
One of our co-founders, Kade Morton, noticed something strange while working with the MITRE ATT&CK framework. If you’re in cybersecurity, you know how critical ATT&CK is. It maps out how adversaries behave, so defenders can better spot and stop them.
Kade was reviewing the Valid Accounts technique, specifically the mitigations suggested for domain and local accounts. And something didn’t sit right.
Cloud accounts had recommendations like enforcing password policies and managing user accounts. But domain and local accounts? No mention of those same mitigations.
Which felt a little off.
We all know password complexity and removing inactive accounts are basic security hygiene, no matter where the account lives. So Kade reached out to MITRE, pointed it out, and asked if it was just an oversight.
The result? MITRE agreed. They updated their framework to include those mitigations for domain and local accounts.
Why This Matters
This wasn’t a fancy pull request. No big campaign. Just one person, seeing something off and saying, “Hey, what about this?”
That’s the open source mindset. You don’t have to be a genius. You don’t need permission. You just need to care.
Arachne Digital believe that this kind of contribution should be the norm, not the exception. And we’re building a community to make that happen.
We want to make it easier for people like you, whether you’re a developer, designer, researcher, or someone just curious about security, to plug in, level up, and shape the tools the world uses.
What You Can Do (Even If You Don’t Write Code)
Here’s the truth: open source is more than code.
You can:
🧠 Help write documentation
🔍 Test features and report bugs
🎨 Contribute design ideas
📣 Build community and mentor others
✍️ Translate content
📊 Suggest fixes or improvements
Every role matters. Every contribution counts.
You Belong Here
We’re not building a “community” just for show. We want to work with people who are learning, teaching, breaking, fixing, and improving, together.
If you’re looking for a way to:
- Use tools that are transparent and trustworthy
- Build a real portfolio of impactful work
- Connect with people who care about the same stuff you do
- Learn new skills in the open
- Shape how cybersecurity and open source evolve
Then this is your invitation. Come help us make security smarter, more open, and more human.
We’re already seeing what one suggestion can do. Imagine what we can build together.
Reach out to us via our contact form or email.
Benefits
Why select Arachne?
Our platform searches the internet for information on threat actors, gathers reports, and categorises the findings by region, industry, and threat actor. Our process automatically maps TTPs to MITRE ATT&CK®, slashing research time and saving you money.
Testimonials & Partnerships
“Arachne Digital’s team works closely with us in integrating our tool, Speculo, with their data. Speculo is designed to help organisations get a full picture of their cyber risk with reliable analytics and a streamlined risk assessment process. The integration of Arachne Digital’s threat intelligence into Speculo provides evidence-based insights into cyber risks, making the tool more relevant to our customers. Arachne facilitated multiple face-to-face meetings and video calls, provided technical resources, comprehensive documentation, and example reports. This collaboration ensured that we could seamlessly integrate and utilize their data, significantly enriching the value we deliver to our clients.
Arachne Digital’s commitment to excellence and their proactive approach in supporting our needs have made them an indispensable partner. We highly recommend their services to any organisation looking to strengthen their threat intelligence capabilities.”
Speculo
Partnership
Arachne Digital is proud to partner with the DISARM Foundation as the inaugural member of their Partner Programme, launched at the beginning of 2024.
This partnership is crucial in supporting the DISARM Foundation’s mission to maintain and enhance the DISARM Framework, ensuring it remains a free and continuously updated resource in the fight against disinformation.
Through our collaboration, Arachne Digital provides valuable feedback, promotes the integration of the framework into our operations, and encourages wider adoption within the defender community. This partnership highlights our commitment to combating evolving threats and fostering a secure digital environment.
