Picus Threat Library

A microcosm of the global threat landscape at your fingertips

A highly specialized, vast repository of threat and attack technique samples maintained by a dedicated team of expert security analysts from Picus Labs stages the current spectrum of cyber risks for the use of cybersecurity professionals.

Contact us Now

Weather the storm

Information based global threat context is readily accessible in many different ways and forms, but it is hardly actionable. Security analysts try to weather a storm of threat intelligence coming from multiple sources.

Even with a good number of skilled in-house penetration testers or Red Team members, organizations can hardly create a workable and sufficiently broad repository of threat samples in keeping up with the changes in the adversarial context.

" The value of these threat intelligence services is sometimes constrained by the customer's ability to afford, absorb, contextualize and, especially, use the information provided by the services. "

Gartner 'Market Guide for Security Threat
Intelligence Products and Services'
Craig Lawson, et al, 20 May 2020
shield icon

A Readily Available Adversarial Context: Picus Threat Library

Daily updated Picus Threat Library helps security operations ingest the adversarial changes in relation to their defensive capabilities. Picus Threat Library offers:

  • Thousands of daily-updated malware, vulnerability exploit and web application attack samples
  • Atomic adversarial techniques covering over 90% MITRE ATT&CK Framework
  • Hundreds of nation-state and vertical driven attack scenarios
  • Picus Threat Library content is mapped to the frameworks of MITRE ATT&CK, cyber kill chain and OWASP, targeted applications, targeted operating systems, and Common Vulnerabilities and Exposures/Common Weakness Enumeration (CVE/CWE) references.

Threat Watch

Picus Labs vigilantly scans the changes in the threat landscape by collecting and processing threat intelligence from numerous sources, including commercial and open-source threat intelligence services, blogs, white papers of security vendors and researchers social media, malware sandboxes, and forums.



Even though the multiplication of threats is in the range of millions a day, most of these threats carry common characteristics. With the algorithms developed by the Picus Labs team, Picus Threats Library keeps threats and adversarial techniques with unique characteristics only.


Threat Analysis

New vulnerabilities and techniques are analyzed to determine the likelihood of being used or exploited imminently. These are shortlisted for a quick sampling process.


The Most Recent Adversarial Context at your Fingertips

Thanks to the Global Watch, Commonality Analysis, and Imminent Threat Research processes of Picus Threat Library, Picus customers find the samples of most recent adversarial techniques conveniently at their fingertips. Cybersecurity stakeholders such as SOC analysts, threat hunters, incident responders, security operations teams, the red team, and pen-test members can utilize the granular content of Threat Library for different scenarios they carry out or test.

Screenshots of the Picus platform Picus Partners

A Functional Library Trusted by the Most Prominent Security Vendors

Unlike the colossal threat intelligence feeds or lagged free tools, Picus Threat Library is always up to date. Its granular content turns the intuitive Picus Threat Emulation module into a functional engine, enabling tens of different use cases for various security functions. Threat Library can be applied to security scoring, validation, and mitigation overhaul.

Major security vendors trust Picus Threat Library as their primary defense validation mechanism before new updates are released.

picus icon


Picus Labs is the research arm of Picus Security, a pioneering Breach and Attack Simulation provider. Our research is carried out using our own internal tools, as well as open source and commercial tools.

updated product

PICUS Labs Team

Onur Alanbel

Red Team Manager

Nurdogan Ciki

Blue Team Manager

Oguzcan Pamuk

Senior Blue Team Engineer

Baris Akkaya

Attack Developer

Evren Yalcin

Attack Development Team Lead

Osman Can Guler

Blue Team Engineer

Mert Tasci

Attack Developer

Turgay Arda Usman

Attack Developer

Emre Ovunc

Attack Developer

Ready to get started?


Stay #proactive by validating your security controls

Contact us Now