MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.

With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge.

ATT&CK Matrix for Enterprise

Reconnaissance Resource Development Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
10 techniques 8 techniques 10 techniques 14 techniques 20 techniques 14 techniques 43 techniques 17 techniques 32 techniques 9 techniques 17 techniques 17 techniques 9 techniques 14 techniques
Reconnaissance Resource Development Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Command and Control Exfiltration Impact
10 techniques 8 techniques 10 techniques 14 techniques 20 techniques 14 techniques 43 techniques 17 techniques 32 techniques 9 techniques 17 techniques 17 techniques 9 techniques 14 techniques