MITRE ATT&CK® framework

Anshul Tiwari

Let's understand the MITRE ATT&CK framework in a simple way.

What is MITRE ATT&CK?

It was developed and released in 2015 by MITRE Corporation, a non-profit organization. The acronym ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge. It acts as a central resource that organizations can use to enhance their cyber security posture, and it helps in understanding and defending against cyber threats.

What's inside the framework?

Tactics :- These answer the "why" behind an attack. Some of the common tactics are:

  1. Initial Access

  2. Execution

  3. Persistence

  4. Privilege Escalation

  5. Defense Evasion

  6. Lateral Movement

  7. Exfiltration

Techniques :- These answer "how" an attacker accomplishes a tactic.

Sub-techniques :- These provide additional granularity within techniques, for example spear phishing.

Procedures :- These describe the implementation of techniques and sub-techniques.

How organisations can leverage the MITRE ATT&CK framework :-

  • Threat Detection and Response

  • Threat Hunting

  • Red Teaming

  • Security Gap Analysis
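
The security gap analysis use listed above, shown as an added example that is not part of the original article: detection rules are tagged with technique or sub-technique IDs, sub-techniques roll up to their parent technique, and tactics with no covered technique are reported. The technique table is a hand-picked excerpt of real ATT&CK IDs; the rule names and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Hand-picked excerpt of the Enterprise matrix (technique ID -> tactics); not the full data set.
TECHNIQUE_TACTICS = {
    "T1566": ["Initial Access"],                                    # Phishing
    "T1059": ["Execution"],                                         # Command and Scripting Interpreter
    "T1053": ["Execution", "Persistence", "Privilege Escalation"],  # Scheduled Task/Job
    "T1070": ["Defense Evasion"],                                   # Indicator Removal
    "T1021": ["Lateral Movement"],                                  # Remote Services
    "T1041": ["Exfiltration"],                                      # Exfiltration Over C2 Channel
}
TACTICS = ["Initial Access", "Execution", "Persistence", "Privilege Escalation",
           "Defense Evasion", "Lateral Movement", "Exfiltration"]
ID_RE = re.compile(r"^(T\d{4})(?:\.(\d{3}))?$")

def parse_attack_id(tag):
    """Split 'T1566.001' into ('T1566', '001'); the sub-technique is None if absent."""
    m = ID_RE.match(tag.strip().upper())
    if not m:
        raise ValueError(f"not an ATT&CK technique ID: {tag!r}")
    return m.group(1), m.group(2)

def coverage_by_tactic(rules):
    """Return ({tactic: covered techniques}, [(rule, tag) that could not be mapped])."""
    covered, unmapped = defaultdict(set), []
    for name, tags in rules.items():
        for tag in tags:
            try:
                technique, _sub = parse_attack_id(tag)  # sub-technique rolls up to its parent
                tactics = TECHNIQUE_TACTICS[technique]
            except (ValueError, KeyError):
                unmapped.append((name, tag))  # malformed tag or technique outside the excerpt
                continue
            for tactic in tactics:
                covered[tactic].add(technique)
    return {t: sorted(covered[t]) for t in TACTICS}, unmapped

def uncovered_tactics(rules):
    """Tactics for which no rule is tagged with any technique."""
    return [t for t, techs in coverage_by_tactic(rules)[0].items() if not techs]

# Constructed detection-rule inventory (rule names are hypothetical).
RULES = {
    "mail_attachment_macro": ["T1566.001"],
    "powershell_scheduled_task": ["T1059.001", "T1053.005"],
    "legacy_rule_bad_tag": ["phishing"],
}

print("uncovered tactics:", uncovered_tactics(RULES))
```
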
