Network traffic analysis for MITRE ATT&CK

Extrahop
Published by: Research Desk Released: Sep 10, 2019

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK™ was started in 2013 to catalogue observed tactics, techniques, and procedures (TTPs) in use by advanced persistent threats (APTs) around the world. Many of the TTPs included in the framework are in use by far less sophisticated attackers as well, and the structure of the framework is usable by organizations of all sizes and security postures for identifying gaps in security coverage. Since sophisticated TTPs that work well tend to enter the mainstream attack vernacular, the ATT&CK™ matrix offers enduring value for companies looking to vet and improve their detection and investigation coverage.