About the DISARM frameworks

The DISARM frameworks are designed for describing and understanding different parts of disinformation incidents, and are:

DISARM is part of work on adapting information security (infosec) practices to help track and counter misinformation, and is designed to fit existing infosec practices and tools. To help with this, DISARM's style is based on the MITRE ATT&CK and STIX information security frameworks.

DISARM frameworks and data are available under a CC-BY-4.0 license - credit us (ideally also tell us about potentially useful changes), and you're free to use them. DISARM templates, datasets, and user guides are available in https://github.com/cogsec-collaborative/DISARM. If you're using other tools, DISARM is embedded in the MISP toolset, and STIX templates for DISARM objects are available in the DISARM_CTI repository.

DISARM Contributors

The DISARM frameworks are a community effort:

Suggestions for DISARM framework changes can be made through a Googleform. Changes are then agreed between CogSecCollab and the DISARM design authorities - currently SJ Terp and Pablo Breuer.

What you're looking at here

You're looking at a work in progress. Eventually this message will be replaced with a pretty interface, but if you're here, it's good to say what's happening to get there.

We're working towards a set of functions for this app that include navigating a database of disinformation objects, being able to easily enter machine- and human-readable descriptions of misinformation and disinformation incidents, traverse through possibel behaviours as part of a red team exercise or simulation, and share machine-readable alerts with anyone connected to a information security system using the STIX message protocols.

But to get there, we have to do some things first. These include: