Our Work

Our Research Approach

Collaborative R&D in the Public Interest

Together with Participant organizations, we cultivate solutions for a safer world and advance threat-informed defense with open-source software, methodologies, and frameworks. Building on the MITRE ATT&CK knowledge base, our work expands the global understanding of cyber adversaries and their tradecraft through the public release of data sets critical to understanding adversarial behavior and movements.

Defending IaaS with ATT&CK

Defending IaaS with ATT&CK developed an ATT&CK matrix that enables users to easily understand and work with the techniques applicable to …

Attack Flow

Attack Flow is a data model with supporting tooling and examples for describing sequences of adversary behaviors. Attack flows help defenders …

Micro Emulation Plans

Micro Emulation Plans help organizations validate their defenses quickly and easily by building smaller scale adversary emulation plans that are …

Cloud Analytics

The Cloud Analytics project sought to advance the state of the practice by developing a blueprint for writing analytics for cloud platforms. To …

Security Stack Mappings – Google Cloud Platform

This project identified and mapped security capabilities available as part of GCP to the ATT&CK techniques to which they can detect, protect, …

ATT&CK Powered Suit

ATT&CK Powered Suit is a freely available browser extension that puts the MITRE ATT&CK® knowledge base at your fingertips. This extension …

Top ATT&CK Techniques V1

Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers …

Attack Flow V1

Defenders typically track adversary behaviors atomically, focusing on one specific action at a time. While this is a good first step toward …

Sightings Ecosystem V1

This project provides cybersecurity defenders and researchers with critical insight into real-world, in the wild adversary behaviors mapped to …

Insider Threat TTP Knowledge Base V1

The Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base aims to advance our collective understanding of the technical …

NIST 800-53 Controls to ATT&CK Mappings

This project created a comprehensive set of mappings between MITRE ATT&CK® and NIST Special Publication 800-53 with supporting documentation …

Mapping ATT&CK to CVE for Impact

This research defines a methodology for using MITRE ATT&CK® to characterize the potential impacts of vulnerabilities. ATT&CK’s tactics …
