The MITRE ATT&CK framework is a tool developed by the MITRE Corporation to help with understanding how cyberattacks can be performed. It takes the lifecycle of a cyberattack, breaks it down into stages, and provides a wealth of information about each stage.
The MITRE ATT&CK framework is designed as a hierarchy. At the top are the Tactics, which describe the goals that an attacker may be attempting to accomplish at a particular stage of a cyberattack. Each Tactic has a number of Techniques and Sub-Techniques associated with it, which describe the various methods that an attacker can use to achieve that goal.
By working through the various Tactics, Techniques, and Sub-Techniques, it is possible to gain a good understanding of how cyberattackers can accomplish their goals in an attack. While the MITRE ATT&CK framework’s list of Techniques and Sub-Techniques may not be comprehensive, it covers the most common attacks and the ones that an organization is most likely to experience.
Introduction to MITRE ATT&CK framework mitigations
While MITRE ATT&CK is written to focus on the attacker’s side, it isn’t designed to be a cookbook for attackers wanting to expand their skill sets and