The Adversarial Tactics, Techniques, and Common Knowledge or MITRE ATT&CK is a guideline for classifying and describing cyberattacks and intrusions. It was created by the Mitre Corporation and released in 2013.[1]

Rather than looking at the results of an attack (aka an indicator of compromise (IoC)), it identifies tactics that indicate an attack is in progress. Tactics are the “why” of an attack technique.

The framework consists of 14 tactics categories consisting of "technical objectives" of an adversary.[2] Examples include privilege escalation and command and control.[3] These categories are then broken down further into specific techniques and sub-techniques.[3]

The framework is an alternative to the Cyber Kill Chain developed by Lockheed Martin.[3]

References

  1. "What is the MITRE ATT&CK Framework?". Rapid7. Retrieved 2022-04-18.
  2. "Tactics in the ATT&CK Framework". Exabeam. 2022-08-03.
  3. 1 2 3 "What is the Mitre Attack Framework?". crowdstrike.com. Retrieved 2022-04-18.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.