Archived Projects

ATT&CK for Cloud

Project Summary

This project refined and expanded MITRE ATT&CK’s coverage of adversary behaviors in cloud environments. Through our research, we refactored and consolidated the cloud platforms into IaaS, SaaS, Office365, and Azure AD. Next, we overhauled cloud data sources to better align with enterprise ATT&CK. Finally, we expanded cloud technique coverage adding and updating existing techniques.

Problem

Defenders lack visibility into adversary behaviors in cloud technologies, leaving their organizations exposed to emerging threats.

Solution

Expand MITRE ATT&CK to describe adversary behaviors in and against Cloud technologies.

Impact

Simplified defenders use of ATT&CK by aligning ATT&CK’s coverage for Cloud TTPs with how organizations are using Cloud in their operations.

Project Resources:

Project Announcement Project Website

Funding Research Participants

Explore More of Our Work:

Jan 2026

Threat-Informed Defense for Cloud Security

Use our latest mappings to replace assumption-driven cloud defense with evidence-based decisions to stop cloud adversaries in their tracks. With …

Continue reading

Jan 2026

INFORM Your Defense

MITRE INFORM is a program-level assessment designed to show how threat-informed your organization is and where to improve next across cyber …

Continue reading

Jul 2025

Attack Flow v3

With Attack Flow, you will capture the entire attack and communicate what matters!

Continue reading

Stay Informed

Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.