Effective Date: 1 July 2021
The MITRE Corporation ("MITRE") respects the privacy of its website users.
"Cookies" are data that may be sent to your web browser and stored on your computer. Most web browsers can be configured not to accept cookies, or to notify you if a cookie is sent to you. If you wish not to have cookies set during your visit to this MITRE managed Site, you can disable them in your web browser.
The MITRE ATT&CK website is hosted on GitHub®. MITRE and GitHub use a free third-party software service called Google Analytics® to capture and analyze non-personally identifiable website usage information.
MITRE logs all accesses and the following information is recorded for each Site user: IP address, date and time of access, the requested URL, the referring URL (if provided by the Web browser), and the browser type (if provided by the Web browser). The IP address and its associated domain name (if any) are used to determine broad demographic information. The IP address may be used to track how users navigate through the Site.
MITRE additionally collects User-entered keyword search strings to gauge User interest in specific types of vulnerability information. Each access of an individual ATT&CK entry or candidate page is used to gauge User interest. Web log information may be provided to limited research groups within MITRE to support research related to the World Wide Web. This information does not identify you personally. MITRE may store such information, or it may be included in databases owned and maintained by our service providers.
Information that User subscribers may provide, such as company name, location, or job function, is used to determine broad demographic and non-personally identifiable information regarding the types of users of these mailing lists. User subscribers are not required to provide this information. MITRE may provide broad non-personally identifiable demographic information to other organizations.
ATT&CK-related mailing lists that are sponsored by MITRE are configured to prevent attackers from identifying the subscribers to such mailing lists.
Users may contact MITRE electronically, via the Contact Us page. MITRE may share the information that you provide to us via e-mail within the corporation to respond to your queries, but we do not provide information to anyone outside of the corporation unless required by law to do so.
MITRE performs due diligence to preserve the integrity of the information on the Site. MITRE uses various logging and tracking mechanisms to support the detection, reporting, or recovery from attempted intrusions into attack.mitre.org. MITRE reserves the right to use all available technologies without notice to protect its networks from unauthorized use, and to report attempted intrusions to the appropriate authorities.