MITRE ATT&CK
MITRE ATT&CK® is a knowledge base that helps model cyber adversaries' tactics and techniques—and then shows how to detect or stop them.
Cyber adversaries are shapeshifters: notoriously intelligent, adaptive, and persistent. They learn from every attack, whether it succeeds or fails. They can steal personal data, damage business operations, or disrupt critical infrastructure.
But there is a lot we can learn from cyber adversaries. And that’s where MITRE comes in. We developed MITRE ATT&CK®, a globally accessible knowledge base of adversary behavior.
ATT&CK is freely available to everyone—including the private sector, government, and the cybersecurity product and service community—to help develop specific threat models and methodologies. The ATT&CK knowledge base outlines common tactics, techniques, and procedures used by cyber adversaries. In doing so, ATT&CK provides a common language for defenders to have conversations about emerging threats and develop effective defensive strategies.
Along with the ATT&CK Matrix for Enterprise, we also provide specific guidance for cloud, Windows, macOS, mobile, and industrial control systems.
Building a Community Around Threat-Informed Defense
ATT&CK isn’t just a knowledge base. We’re building a community of cyber professionals from government, academia, and the private sector. ATT&CK users from 226 different countries and territories contribute real-world observations and learn from the tactics and techniques identified in the matrix.
The ATT&CK team continues to expand and update the framework to help defenders reduce vulnerabilities, understand known behaviors, and recognize threats before adversaries carry out their objectives.
- The Center for Threat-Informed Defense™ brings together sophisticated security teams from leading organizations around the world to conduct and share research that improves the collective ability to prevent, detect, and respond to cyber attacks.
- MITRE ATT&CK® Evaluations help cybersecurity vendors improve their offerings and provide defenders with insights into a product’s capabilities and performance. Evaluations follow a rigorous, transparent methodology, using a collaborative, threat-informed purple-teaming approach to evaluate solutions within the context of ATT&CK.
Latest News & Insights
Publication
MITRE ATT&CK
Media Coverage
Enterprise Security Weekly: D3FEND 1.0 Cyber Ontology
News Release
MITRE Posts Latest Findings of ATT&CK Evaluations for Cybersecurity Solutions Against Ransomware
Media Coverage
CyberScoop: Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware
News Release
MITRE Engenuity Releases Findings of New MITRE ATT&CK Evaluations for 11 Managed Security Service Providers
News Release
Center for Threat-Informed Defense Expands Cybersecurity Community Resources for Applying MITRE ATT&CK
Media Coverage
Federal News Network: Researcher takes on ransomware and the products for stopping it
News Release
New Round of MITRE Engenuity’s ATT&CK Evaluations Calls for Participation for Enterprise Cybersecurity Solutions
Publication
MITRE's Response to the OMB RFI on FedRAMP
Media Coverage
Security Breach: Vulnerability Data from 'The Wild'
News Release
MITRE Engenuity ATT&CK Evaluations Announces Results of Enterprise Cybersecurity Solutions Vs. Turla Emulations
Media Coverage
ITSPmagazine: Becoming a Dark Knight: Adversary Emulations
Media Coverage
SiliconANGLE: Defending against evolving cybercrime
Media Coverage
The Changing Role of the MITRE ATT&CK Framework
Media Coverage