(English) MITRE ATT&CK® Framework (DownSub - Com)


- [Narrator] It's been reported that once an organization is breached, adversaries typically lurk on networks for months before being detected.

How did they get in? How are they moving around? What are they doing? So, where do you start?

MITRE's ATT&CK framework describes how adversaries penetrate networks and then move laterally, escalate privileges, and generally evade your defenses. ATT&CK looks at the problem from the perspective of the adversary: what goals they are trying to achieve, and what specific methods they use.

ATT&CK organizes adversary behaviors into a series of tactics, specific technical objectives that an attacker wants to achieve. Some examples of tactics include defensive evasion, lateral movement, and exfiltration. Within each tactic category, ATT&CK defines a series of techniques. Each technique describes one way an adversary may try to achieve that objective. There are multiple techniques within each tactic because adversaries may use different methods based on their own expertise or things like the availability of tools, or how your systems are configured.

Each technique defined in ATT&CK includes a description of the method used by the adversary, the systems or platforms it applies to, and, where known, what specific adversary groups use this technique. Techniques also describe ways to mitigate the behavior, along with any published references to the technique being employed.

ATT&CK helps you understand how adversaries might operate so you can plan how to detect or stop that behavior. Armed with this knowledge, you can better understand the different ways an adversary prepares for, launches, and executes their attacks.

Another important use of ATT&CK is to help you detect an adversary's actions. The ATT&CK framework includes resources designed to help you develop analytics that detect the techniques used by an adversary.

ATT&CK also maintains a library of information about selected adversary groups and the campaigns they've conducted. And since ATT&CK is based on real-world observations, it allows you to correlate specific adversaries and the techniques they've used.

Because adversaries often use different techniques to attack different platforms and technologies, the ATT&CK framework is divided into a series of technology domains. Domains currently covered by ATT&CK include enterprise networks with Windows and Linux operating systems, and mobile devices.

The ATT&CK framework can help your organization better understand the techniques specific adversaries are likely to use: information you can use to evaluate your defenses and strengthen them where it matters most.

MITRE is building a community around ATT&CK so that experts in different domains and technologies can come together to refine and extend the knowledge contained in the framework. And because MITRE is a not-for-profit organization operating in the public interest, we can provide a conflict-free environment to create, collect, share, and manage this information, making it available to everyone.

Learn more about ATT&CK and what else we're doing in cyber threat intelligence.

MITRE: We solve problems for a safer world.
