Papers

  • Philosophy Paper: This whitepaper provides an in-depth look at why we created ATT&CK, how we update and maintain it, and what the community commonly uses it for.
  • Finding Cyber Threats with ATT&CK-Based Analytics: This paper presents a methodology for using ATT&CK to build, test, and refine behavioral-based analytic detection capabilities using adversary emulation.

Presentations

Other ATT&CK Efforts

  • Building a community around sharing observations of ATT&CK techniques in the wild.
  • Plans that showcase the practical use of ATT&CK for offensive operators and defenders.
  • Evaluations of cybersecurity products using an open methodology based on ATT&CK.
  • A knowledge base describing actions that adversaries may take while operating within Industrial Control System networks.

Other Resources