Using MITRE ATT&CK with cyber threat intelligence

The MITRE ATT&CK framework is a tool developed by the MITRE Corporation. It is designed to provide information about how a works and the various means by which an attacker can carry out their goals at each stage of an .

MITRE ATT&CK is primarily a repository of information without a clear guide on how to work through it and take advantage of it. Cyber threat intelligence provides this guidance, and MITRE ATT&CK offers a few tools to help organizations use it to operationalize their threat intelligence.


Cyber threat actors commonly operate in groups. Many cybersecurity organizations track advanced persistent threats (APTs), organized cybercrime groups and other . These groups are defined and tracked by identifying commonalities between cyberattack campaigns believed to originate from the same threat actors.

The MITRE ATT&CK Framework includes a listing of these groups. For each of the 110 groups currently tracked, MITRE ATT&CK includes a list of the Techniques and Software known to be used by these groups.

This enables an organization to leverage MITRE ATT&CK to develop defenses and mitigations based upon threat intelligence linked to various cyber threat groups. that a particular group is active and that
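The group-to-technique mapping described above can be turned into a prioritized gap list. The following is an added example, not code from the original article or from MITRE; it assumes ATT&CK's STIX layout (`intrusion-set`, `attack-pattern` and `uses` relationship objects), and the group names, object ids, links and the `covered` set are constructed.

```python
from collections import Counter
# Constructed sample shaped like ATT&CK's STIX bundle; group names, object ids
# and every "uses" link below are invented for illustration.
def _tech(n, tid, name):
    return {"type": "attack-pattern", "id": f"attack-pattern--{n}", "name": name,
            "external_references": [{"source_name": "mitre-attack", "external_id": tid}]}
def _uses(src, dst, **extra):
    return {"type": "relationship", "relationship_type": "uses",
            "source_ref": src, "target_ref": dst, **extra}

BUNDLE = {"objects": [
    {"type": "intrusion-set", "id": "intrusion-set--a", "name": "EXAMPLE-GROUP-A"},
    {"type": "intrusion-set", "id": "intrusion-set--b", "name": "EXAMPLE-GROUP-B"},
    {"type": "malware", "id": "malware--x", "name": "EXAMPLE-RAT"},
    _tech(1, "T1566", "Phishing"),
    _tech(2, "T1059", "Command and Scripting Interpreter"),
    _tech(3, "T1078", "Valid Accounts"),
    _uses("intrusion-set--a", "attack-pattern--1"),
    _uses("intrusion-set--a", "attack-pattern--2"),
    _uses("intrusion-set--a", "malware--x"),           # group -> software
    _uses("malware--x", "attack-pattern--3"),          # software -> technique
    _uses("intrusion-set--b", "attack-pattern--1"),
    _uses("intrusion-set--b", "attack-pattern--3", revoked=True),  # withdrawn link
]}

def group_techniques(bundle, group_name):
    """Technique IDs a group uses directly or through its software."""
    objs = {o["id"]: o for o in bundle["objects"] if "id" in o}
    edges = {}
    for o in bundle["objects"]:
        if (o["type"] == "relationship" and o["relationship_type"] == "uses"
                and not o.get("revoked")):
            edges.setdefault(o["source_ref"], []).append(o["target_ref"])
    gid = next(i for i, o in objs.items()
               if o["type"] == "intrusion-set" and o["name"] == group_name)
    found = set()
    for ref in edges.get(gid, []):
        # Software is expanded one hop to the techniques it implements.
        hops = [ref] if ref.startswith("attack-pattern--") else edges.get(ref, [])
        for t in (h for h in hops if h.startswith("attack-pattern--")):
            found.update(r["external_id"] for r in objs[t]["external_references"]
                         if r["source_name"] == "mitre-attack")
    return found

def prioritize(bundle, active_groups, covered):
    """Rank techniques of active groups that have no detection or mitigation yet."""
    counts = Counter(t for g in active_groups for t in group_techniques(bundle, g))
    gaps = [(t, n) for t, n in counts.items() if t not in covered]
    return sorted(gaps, key=lambda x: (-x[1], x[0]))
```

Techniques shared by more of the groups your intelligence marks as active sort first, which gives a defensible order for building detections and mitigations.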
