MITRE ATT&CK™: Design and Philosophy

Abstract

The MITRE ATT&CK knowledge base describes cyber adversary behavior and provides a common taxonomy for both offense and defense. It has become a useful tool across many cyber security disciplines to convey threat intelligence, perform testing through red teaming or adversary emulation, and improve network and system defenses against intrusions. The process MITRE used to create ATT&CK, and the philosophy that has developed for curating new content, are critical aspects of the work and are useful for other efforts that strive to create similar adversary models and information repositories.

Document Details

Document Type: Technical Report
Publication Date: Jul 01, 2018
Accession Number: AD1108016

Entities

People

  • Adam G. Pennington
  • Andy Applebaum
  • Blake E. Strom
  • Cody B. Thomas
  • Doug P. Miller
  • Kathryn C. Nickels

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Advanced Persistent Threat
  • Application Software
  • Best Practices
  • Code Injection
  • Command And Control
  • Computer Program Documentation
  • Computer Programming
  • Computer Programs
  • Computers
  • Corporations
  • Countermeasures
  • Cyber Threats
  • Cybersecurity
  • Detection
  • Detectors
  • Environment
  • Intrusion
  • Intrusion Detection
  • Malware
  • Operating Systems
  • Social Media
  • Standards
  • Vulnerability
  • Web Applications

Fields of Study

  • Computer science

Readers

  • Marine Propulsion Engineering and Naval Architecture
  • Software Engineering
  • Strategic Security Studies

Technology Areas

  • Cyber