Version | Start Date | End Date | Data |
---|---|---|---|
ATT&CK v1 | January 6, 2018 | April 12, 2018 | v1.0 on MITRE/CTI |
19 new techniques - Up to 188 from 169:
Three techniques renamed
- DLL Injection -> Process Injection
- Cron -> Local Job Scheduling
- Local Port Monitor -> Port Monitors
Many techniques updated
Changes include new technical description information, detection and mitigation details, references, and adversary use examples. These range from major revisions, such as those to Process Injection and Access Token Manipulation, which add substantially new information to the technical descriptions, to minor revisions, such as the one to InstallUtil, which adds some additional details.
In addition to the new pages below, we updated many Group and Software pages, including OilRig and Dragonfly. We also added more Associated Groups in an attempt to track overlapping activity from multiple vendors as a single Group.
Nine new groups:
26 new software entries:
Consolidated platforms parameters - It was becoming cumbersome to track individual OS platform versions and releases. Since many of the techniques described work across most versions of a platform, we decided to consolidate them down to one tag. Any version requirements will be captured in the technical description and requirements sections of a technique.