Matrices
Enterprise
Mobile
ICS
Tactics
Enterprise
Mobile
ICS
Techniques
Enterprise
Mobile
ICS
Defenses
Data Sources
Mitigations
Enterprise
Mobile
ICS
Assets
CTI
Groups
Software
Campaigns
Resources
Get Started
Learn More about ATT&CK
ATT&CKcon
ATT&CK Data & Tools
FAQ
Engage with ATT&CK
Version History
Legal & Branding
Benefactors
Blog
Search
Reminder: the TAXII 2.0 server will be
retiring on December 18
. Please switch to the
TAXII 2.1 server
to ensure uninterrupted service.
RESOURCES
Get Started
Learn More about ATT&CK
Presentation Archive
Trainings
CTI
Purple Teaming Fundamentals
ATT&CK Fundamentals
Adversary Emulation
Access Tokens Technical Primer
SOC Assessments
Threat Hunting
Detection Engineering
ATT&CKcon
ATT&CKcon 5.0
ATT&CKcon 4.0
ATT&CKcon 3.0
ATT&CKcon Power Hour
ATT&CKcon 2.0
ATT&CKcon 2018
ATT&CK Data & Tools
FAQ
Engage with ATT&CK
Stay Informed
Contribute
Benefactors
Version History
Legal & Branding
Home
Resources
Get Started
Assessment and Engineering
Assessment and Engineering
ATT&CK can be used to assess your organization’s capabilities and drive engineering decisions like what tools or logging you should implement.
Getting Started with ATT&CK: Assessments and Engineering Blog Post
This blog post describes how you can get started using ATT&CK for assessments and engineering at three different levels of sophistication. (August 2019)
Lessons Learned Applying ATT&CK-Based SOC Assessments Presentation
This keynote presentation discusses a process to gauge a SOC’s detective capabilities as they relate to ATT&CK, including MITRE’s practical experiences and lessons learned. (June 2019)
Lessons Learned Applying ATT&CK-Based SOC Assessments Presentation (recording)
Youtube recording of the same SANS keynote presentation. (January 2020)
ATT&CK Evaluations
MITRE’s evaluations of cybersecurity products using an open methodology based on ATT&CK can help end users understand how commercial security products detect known adversary behaviors.
Finding Cyber Threats with ATT&CK-Based Analytics
Presents a methodology for using ATT&CK to build, test, and refine behavioral-based analytic detection capabilities. (June 2017)
Return to Get Started
×
load more results