MITRE ATLAS OpenClaw Investigation Discovers New and Likeliest Techniques

By Suneel Sundar • February 9, 2026

MITRE ATLAS™ analyzed OpenClaw incidents that showcase how AI-first ecosystems introduce new exploit execution paths. OpenClaw is unique because it can independently make decisions, take actions, and complete tasks without continuous human oversight.

By mapping the patterns and behaviors to ATLAS Tactics, Techniques, and Procedures (TTPs) and visualizing the attack flow, the team deduced chokepoint techniques that adversaries rely on. See the Investigation Report here:

Incident Report

CTID is grateful for the contributions of our Secure AI Project Lead and CTID Research team members.

MITRE’s Center for Threat Informed Defense welcomes collaboration from the entire AI security community to inform defenders of threats introduced by open-source agentic systems like OpenClaw. Join MITRE and industry researchers to grow the ATLAS matrix and develop community tools, resources, and guidance.


© 2026 The MITRE Corporation. Approved for Public Release. ALL RIGHTS RESERVED. Document number 25-02691-4.


About the Author

Suneel Sundar

As the Director of Research & Development in the Center for Threat-Informed Defense, Suneel leads and executes the Center’s research program with MITRE engineers, private sector partners, and U.S. government organizations that makes cyber attackers’ lives difficult. Suneel teaches Iyengar yoga in San Diego and over Zoom.
