Enterprise tactics

Tactics represent the "why" of an ATT&CK technique or sub-technique. It is the adversary's tactical goal: the reason for performing an action. For example, an adversary may want to achieve credential access.

Enterprise Tactics: 14
ID Name Description
TA0043 Reconnaissance The adversary is trying to gather information they can use to plan future operations.
TA0042 Resource Development The adversary is trying to establish resources they can use to support operations.
TA0001 Initial Access The adversary is trying to get into your network.
TA0002 Execution The adversary is trying to run malicious code.
TA0003 Persistence The adversary is trying to maintain their foothold.
TA0004 Privilege Escalation The adversary is trying to gain higher-level permissions.
TA0005 Defense Evasion The adversary is trying to avoid being detected.
TA0006 Credential Access The adversary is trying to steal account names and passwords.
TA0007 Discovery The adversary is trying to figure out your environment.
TA0008 Lateral Movement The adversary is trying to move through your environment.
TA0009 Collection The adversary is trying to gather data of interest to their goal.
TA0011 Command and Control The adversary is trying to communicate with compromised systems to control them.
TA0010 Exfiltration The adversary is trying to steal data.
TA0040 Impact The adversary is trying to manipulate, interrupt, or destroy your systems and data.