ATT&CK Workbench V1

June 22, 2021

Project Summary

ATT&CK Workbench is an easy-to-use open-source tool that allows organizations to manage and extend their own local version of ATT&CK and keep it in sync with MITRE’s knowledge base.

Workbench allows users to explore, create, annotate, and share extensions of the ATT&CK knowledge base. Organizations or individuals can run their own instances of the application to serve as the centerpiece to a customized version of the ATT&CK knowledge base, attaching other tools and interfaces as desired. Through the Workbench this local knowledge base can be extended with new or updated techniques, tactics, mitigations groups, and software. Additionally, Workbench provides means for a user to share their extensions with the greater ATT&CK community facilitating a greater level of collaboration within the community than is possible with current tools.

Problem

Defenders struggle to integrate their organization’s local knowledge of adversaries and their TTPs with the public ATT&CK knowledge base.

Solution

Build an easy-to-use open-source software tool that allows organizations to manage and extend their own local version of ATT&CK and keep it in sync with MITRE’s knowledge base.

Impact

Drastically reduces the barriers for defenders to ensure that their threat intelligence is aligned with the public ATT&CK knowledge base.

Project Resources:

Project Announcement GitHub

---

Funding Research Participants

---