New updates have been reported about Tidal Cyber.
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
Tidal Cyber has launched a redesigned cyber threat intelligence architecture that explicitly separates MITRE ATT&CK framework data from the company’s own procedure-level threat intelligence, positioning its platform to capture demand created by ATT&CK Version 19’s structural overhaul. The move is intended to help enterprise security teams translate evolving, technique-level categorizations into concrete defensive actions by focusing on how attacks are actually executed rather than solely how they are labeled.
Under the new model, MITRE ATT&CK remains the reference structure for adversary techniques, while Tidal Cyber’s CTI supplies granular, procedure-led intelligence tied directly to a customer’s defensive stack and assets. This separation is designed to remove ambiguity from blended intelligence sources, expose where real-world attacks bypass controls, and guide faster, more defensible prioritization of remediation and investment decisions.
The timing coincides with ATT&CK v19’s retirement of the “Defense Evasion” tactic and its division into Stealth and Impair Defenses, a change that will force many organizations to update their detections, playbooks, and workflows. By anchoring its platform on procedures as the core unit of analysis, Tidal Cyber aims to reduce operational complexity for customers that must now remap rules and reporting to the new tactic structure.
Tidal Cyber’s platform connects procedures, threat intelligence, vulnerabilities, assets, and security controls into a single model, allowing customers to ingest vulnerability data, understand its impact on attack likelihood and paths, and prioritize based on attacker execution rather than static severity scores. Executives can use this approach to identify where defenses are most likely to fail in realistic attack chains and to make targeted spending decisions that measurably reduce attacker success and residual risk.
Company leadership frames the change as an evolution from visibility to outcome-based defense, arguing that structure alone is no longer sufficient in a high-volume, high-complexity threat environment. For security and risk leaders, the new architecture is intended to provide clearer source attribution across MITRE, Tidal Cyber, and other feeds, improving trust in intelligence while operationalizing Threat-Led Defense as a framework for both day-to-day operations and longer-term cyber risk governance.