• Philosophy Paper: This whitepaper provides an in-depth look at why we created ATT&CK, how we update and maintain it, and what the community commonly uses it for.
  • Finding Cyber Threats with ATT&CK-Based Analytics: This paper presents a methodology for using ATT&CK to build, test, and refine behavioral-based analytic detection capabilities using adversary emulation.


Other ATT&CK Efforts

Building a community around sharing observations of ATT&CK techniques in the wild.
Plans that showcase the practical use of ATT&CK for offensive operators and defenders.
Evaluations of cybersecurity products using an open methodology based on ATT&CK.

Other Resources