Philosophy Papers: These whitepapers provide an in-depth look at why we created these ATT&CK domains, how we maintain and update them, and what the community commonly uses them for.
ATT&CK for ICS extension (pdf): This document does not represent a comprehensive resource on MITRE ATT&CK. For individuals already familiar with ATT&CK, this document can be viewed as an extension to the ATT&CK Design and Philosophy whitepaper above that highlights unique, as well as some common, aspects of the design and philosophy of ATT&CK for ICS.
Finding Cyber Threats with ATT&CK-Based Analytics: This paper presents a methodology for using ATT&CK to build, test, and refine behavioral-based analytic detection capabilities using adversary emulation.
Last updated October 2020
Last updated June 2021