Archived Projects

ATT&CK for Cloud

Project Summary

This project refined and expanded MITRE ATT&CK’s coverage of adversary behaviors in cloud environments. Through our research, we refactored and consolidated the cloud platforms into IaaS, SaaS, Office365, and Azure AD. Next, we overhauled cloud data sources to better align with enterprise ATT&CK. Finally, we expanded cloud technique coverage adding and updating existing techniques.

Problem

Defenders lack visibility into adversary behaviors in cloud technologies, leaving their organizations exposed to emerging threats.

Solution

Expand MITRE ATT&CK to describe adversary behaviors in and against Cloud technologies.

Impact

Simplified defenders use of ATT&CK by aligning ATT&CK’s coverage for Cloud TTPs with how organizations are using Cloud in their operations.

Project Resources:

Project Announcement Project Website

Funding Research Participants

Explore More of Our Work:

Feb 2025

Prioritize Known Exploited Vulnerabilities

Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.

Continue reading

Jan 2025

Security Stack Mappings – Hardware-Enabled Defense

The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the …

Continue reading

Dec 2024

Summiting the Pyramid

Summiting the Pyramid (STP) creates a methodology to score analytics against the pyramid of pain, helping defenders create more robust detections …

Continue reading

Stay Informed

Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.