You want to get started using ATT&CK, but where do you begin? Regardless of what you want to accomplish, it’s important to understand what ATT&CK is and why MITRE created it.
ATT&CK can help cyber defenders develop analytics that detect the techniques used by an adversary.
ATT&CK gives analysts a common language to structure, compare, and analyze threat intelligence.
ATT&CK provides a common language and framework that red teams can use to emulate specific threats and plan their operations.
ATT&CK can be used to assess your organization’s capabilities and drive engineering decisions like what tools or logging you should implement.
Here are some resources on the ATT&CK infrastructure to help you work with the content to accomplish these use cases.
We’re creating a community of ATT&CK users who are passionate about ATT&CK and threat-informed defense. Here’s how you can find other community members, find out what they’re doing with ATT&CK, and get involved.