Difference between revisions of "MITRE ATT&CK"

From ICANNWiki
Jump to navigation Jump to search
Line 2: Line 2:
  
 
==History==
 
==History==
The Mitre Corporation, an American nonprofit managing federally funded research and development centers, started ATT&CK in 2013 to document common tactics, techniques, and procedures that [[Threat Actor#Types|Advanced Persistent Threat]]s (APT)s use against [[Microsoft|Windows]] enterprise networks. It began as a documentation research project called "FMX," which investigated endpoint telemetry data and analytics usage with the aim of improving post-compromise detection. ATT&CK became the basis for testing the efficacy of sensors and analytics and is now the common language of cybersecurity offense and defense teams.<ref>[https://attack.mitre.org/resources/faq/ FAQs, MITRE]</ref>
+
In 2013, the Mitre Corporation, an American nonprofit managing federally funded research and development centers, started ATT&CK to document common tactics, techniques, and procedures that [[Threat Actor#Types|Advanced Persistent Threat]]s (APT)s use against [[Microsoft|Windows]] enterprise networks. It began as a documentation research project called "FMX," which investigated endpoint telemetry data and analytics usage with the aim of improving post-compromise detection. ATT&CK became the basis for testing the efficacy of sensors and analytics and is now the common language of cybersecurity offense and defense teams.<ref>[https://attack.mitre.org/resources/faq/ FAQs, MITRE]</ref>
  
 
==Tactics==
 
==Tactics==

Revision as of 15:10, 28 July 2021

MITRE ATT&CK is a free framework about cyber threat actors' tactics and techniques. The knowledge base, which is based entirely on real-world observations, offers a foundation for the development of specific threat models and methodologies for private, government, and Cybersecurity sectors.[1] The framework has one component for enterprise IT networks and clouds, and another for mobile devices.

History

In 2013, the Mitre Corporation, an American nonprofit managing federally funded research and development centers, started ATT&CK to document common tactics, techniques, and procedures that Advanced Persistent Threats (APT)s use against Windows enterprise networks. It began as a documentation research project called "FMX," which investigated endpoint telemetry data and analytics usage with the aim of improving post-compromise detection. ATT&CK became the basis for testing the efficacy of sensors and analytics and is now the common language of cybersecurity offense and defense teams.[2]

Tactics

Tactics refer to the purpose behind an ATT&CK technique. It is the goal for performing the action, such as stealing credentials or gaining remote access.

Techniques

Techniques encompass the conceptual method for achieving the tactical goal in question.

Procedures

Procedures refer to the actual implementation of the techniques.

References

  1. About MITRE Attack, MITRE
  2. FAQs, MITRE
Retrieved from "https://icannwiki.org/index.php?title=MITRE_ATT%26CK&oldid=1329373"