Ambiguous Techniques
Building upon the research of Summiting the Pyramid, Ambiguous Techniques is a methodology to determine malicious intent behind seemingly benign …
May 10, 2022
Project Summary
Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers technique prevalence, common attack choke points, and actionability to enable defenders to focus on the ATT&CK techniques that are most relevant to their organization.
The Top ATT&CK Techniques Calculator makes building customized top technique lists easy. Users can create a top 10 technique list tailored to their organization.
The Top Ransomware Technique List provides a starting point for defending against ransomware attacks and demonstrates how the Top ATT&CK Techniques methodology can be tailored to different use cases.
This is an old verison of the Top ATT&CK Techniques project. For the latest version, see: Top ATT&CK Techniques
Problem
Defending against all ATT&CK techniques is simply not practical, and without guidance, determining which techniques to focus on is overwhelming.
Solution
Publish a methodology and tools to help defenders systematically prioritize ATT&CK techniques.
Impact
Defenders focus on the adversary behaviors that are most relevant to their organization and have the greatest effect on their security posture.
Funding Research Participants
Non-Profit Participants
Explore More of Our Work:
Prioritize Known Exploited Vulnerabilities
Prioritize Known Exploited Vulnerabilities shows defenders how to take a threat informed approach to vulnerability management.
Security Stack Mappings – Hardware-Enabled Defense
The Security Stack Mappings – Hardware-Enabled Defense project demonstrates full stack threat-informed defense, from the hardware board to the …
Stay Informed
Sign up for our "Stay Informed" mailing list to receive announcements for project publications, upcoming events, and other news about the Center.