Tidal Cyber continued to advance its threat-led defense strategy this week, unveiling a redesigned cyber threat intelligence architecture aligned with MITRE ATT&CK v19 and promoting its presence at the Infosecurity Europe conference in London. The company is emphasizing procedure-level visibility into attacker behavior as a way to help organizations measure and improve real-world security outcomes.
Meet Samuel – Your Personal Investing Prophet
- Start a conversation with TipRanks’ trusted, data-backed investment intelligence
- Ask Samuel about stocks, your portfolio, or the market and get instant, personalized insights in seconds
The new CTI architecture explicitly separates MITRE ATT&CK framework data from Tidal Cyber’s proprietary procedure-level intelligence, aiming to reduce ambiguity and make defenses more operational. By tying granular procedures to customers’ specific controls and assets, the platform is designed to reveal where actual attacks bypass defenses and to prioritize remediation.
This rollout coincides with structural changes in ATT&CK v19, including the retirement of the Defense Evasion tactic in favor of Stealth and Impair Defenses, which will require many organizations to retune detections. Tidal Cyber positions its procedure-centric model as a way to simplify this transition, helping security teams remap rules more efficiently and reduce operational complexity.
Across recent communications and a webcast titled “The Next Evolution of Security: Threat-Led Defense Built on Procedures,” the company is promoting threat-focused, outcome-based metrics over compliance-style measures. Leadership highlights metrics such as time to detect, time to resolution, and attacks disrupted before a critical event as better indicators of security effectiveness.
The firm is also using Infosecurity Europe to showcase its threat-led defense platform at Booth C66, with team members on-site to demonstrate capabilities and discuss use cases. The event presence is geared toward direct business development, deeper engagement with enterprise security buyers, and reinforcing brand positioning in the threat intelligence and defense orchestration market.
These developments collectively signal a deliberate move toward higher-fidelity, behavior-based analytics and outcome-driven security validation. While the posts do not disclose customer or financial metrics, successful adoption of the new architecture and messaging could enhance platform stickiness, support upsell opportunities, and strengthen Tidal Cyber’s competitive stance in a crowded cybersecurity landscape.