MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge)

MITRE’s National Cybersecurity Federally Funded Research and Development Center’s (FFRDC’s) Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) repository of collected cybersecurity data.

 

ATT&CK bridges the gap between multiple offensive security data points, including tactics, techniques, tools, and identified malicious Advanced Persistent Threat (APT) actors. Most of the framework grew out of an interesting project carried out by Blake Strom of MITRE, called project FMX (Fort Meade Experiment). In this project, a production network was attacked by Blake and other security professionals who impersonated the tactics and techniques of adversarial groups. Using data points collected on the network, Blake was able to construct a large part of the ATT&CK framework, which both offensive and defensive security professionals can use to map potential offensive tactics and techniques.

 
