Matrices
Enterprise
Mobile
ICS
Tactics
Enterprise
Mobile
ICS
Techniques
Enterprise
Mobile
ICS
Defenses
Data Sources
Mitigations
Enterprise
Mobile
ICS
Assets
CTI
Groups
Software
Campaigns
Resources
Get Started
Learn More about ATT&CK
ATT&CK Data & Tools
FAQ
Engage with ATT&CK
Version History
Legal & Branding
Benefactors
Blog
Search
ATT&CK v15 has been released! Check out the
blog post
or
release notes
for more information.
RESOURCES
Get Started
Learn More about ATT&CK
Presentation Archive
ATT&CKcon Presentations
ATT&CKcon 4.0
ATT&CKcon 3.0
ATT&CKcon Power Hour
ATT&CKcon 2.0
ATT&CKcon 2018
Trainings
CTI Training
ATT&CK Data & Tools
FAQ
Engage with ATT&CK
Stay Informed
Contribute
Benefactors
Version History
Legal & Branding
Home
Resources
Get Started
Assessment and Engineering
Assessment and Engineering
ATT&CK can be used to assess your organization’s capabilities and drive engineering decisions like what tools or logging you should implement.
Getting Started with ATT&CK: Assessments and Engineering Blog Post
This blog post describes how you can get started using ATT&CK for assessments and engineering at three different levels of sophistication. (August 2019)
Lessons Learned Applying ATT&CK-Based SOC Assessments Presentation
This keynote presentation discusses a process to gauge a SOC’s detective capabilities as they relate to ATT&CK, including MITRE’s practical experiences and lessons learned. (June 2019)
Lessons Learned Applying ATT&CK-Based SOC Assessments Presentation (recording)
Youtube recording of the same SANS keynote presentation. (January 2020)
ATT&CK Evaluations
MITRE’s evaluations of cybersecurity products using an open methodology based on ATT&CK can help end users understand how commercial security products detect known adversary behaviors.
Finding Cyber Threats with ATT&CK-Based Analytics
Presents a methodology for using ATT&CK to build, test, and refine behavioral-based analytic detection capabilities. (June 2017)
Return to Get Started
×
load more results