top of page
About the Intrusion 8 Project

ISAUnited’s Red Team Intelligence for Blue Team Strength  |  Know the Exposure

Mission

Strengthening defenders through responsible intelligence.

I8_logo8.png
Project Overview

Intrusion 8 is ISAUnited’s Red Team Intelligence division, built to help defenders understand how modern intrusions succeed across enterprise and cloud environments. The project exists for education and instruction only, with a deliberate focus on conditions and outcomes that inform defensive architecture, detection, and response. Intrusion 8 also helps keep the Defensible 10 Standards in check by providing a counter set of ten domain threat profiles and curated catalogs that support verification and validation of defensive priorities and engineering outcomes.

image.png

(Click to expand image)

Objectives

Intrusion 8 is designed to:

  1. Clarify domain exposure conditions that enable compromise across modern environments.

  2. Frame adversary operations using the 8 Threat Operations Functions phases (Initial Reconnaissance, Initial Compromise, Establish Foothold, Escalate Privileges, Internal Reconnaissance, Move Laterally, Maintain Presence, Complete Mission) so defenders can reason about how intrusions progress and where to interrupt them.

  3. Translate adversary behavior into intelligence usable by defenders to support readiness, prioritization, and decision-making across architecture, detection, and response.

  4. Maintain governed intelligence catalogs that remain consistent, curated, and continuously improved over time, including the Threat Actor Catalog, Threat Vectors Catalog, and Threat Tools Catalog.

  5. Strengthen Blue Team capabilities by connecting Red Team insight to defensive design, detection planning, and response preparation, aligned to the Defensible 10 domains.

  6. Support verification and validation by grounding defensive improvements in real-world intrusion patterns and observable outcomes, helping keep the Defensible 10 Standards in check through a threat-informed counter perspective.

  7. Educate practitioners responsibly with content that improves awareness and readiness without providing procedural guidance that could enable misuse.

  8. Reinforce the Defensible 10 Standards by publishing ten domain threat profiles that mirror the ten domains and help validate defensive priorities and engineering outcomes.

Image by Redmind Studio
Image by Redmind Studio
What Intrusion 8 Provides

10 Domain Threat Profiles that summarize common exposure conditions, compromise pathways, and defensive implications across ten security domains.

 

The Intrusion Vault, available through ISAUnited membership in the ISAUnited.org Library, houses and maintains three curated reference catalogs.

  1. Threat Actor Catalog: Documented adversary profiles written for instruction and defensive readiness.

  2. Threat Vectors Catalog: Structured compromise pathways that connect entry surfaces, exposure conditions, and impact paths.

  3. Threat Tools Catalog: A defender-focused reference of tools observed in real-world intrusions, documented for awareness and detection planning.

Supported by:

I8_logo4.png

Training by:

new-1-blue-background_v2.png

Practitioner and Organizational Use

Intrusion 8 is for educational and instructional purposes only. Content is written to strengthen defensive readiness and professional practice. Intrusion 8 does not provide procedural guidance intended for misuse.

Commercial, Vendor, and Integration Use

The use, reproduction, or incorporation of the Intrusion Threat Profiles or their content within commercial products, software, tooling, managed services, or for-profit offerings requires a separate commercial integration or redistribution license issued by the Institute of Security Architecture United (ISAUnited.org).


This includes but is not limited to:

  • Integration into commercial or subscription-based platforms or software tools

  • Use in vendor-branded frameworks or automated compliance products

  • Redistribution of modified or adapted versions for resale or commercial benefit

 

Requests for commercial licensing or integration agreements should be directed to:  info@isaunited.org

© 2026 The Intrusion 8 Threat Profiles. Owned, operated, and maintained by the Institute of Security Architecture United (ISAUnited.org).

bottom of page