What is MITRE ATT&CK? — Part 1
#cybersecurity
MITRE ATT&CK is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations of cybersecurity threats. They are displayed in matrices arranged by attack stage, from initial system access to data theft or machine control. There are matrices for the common desktop platforms (Linux, macOS and Windows), for technologies such as cloud, containers, network and ICS, and for mobile platforms.
Let’s study the different types of attack techniques using the MITRE ATT&CK framework :)
ATT&CK stands for Adversarial Tactics, Techniques, and Common Knowledge. The tactics are a modern way of looking at cyberattacks: each tactic is the adversary’s goal at one stage of an intrusion, and the techniques listed under it are the ways that goal has been seen to be achieved.
The Enterprise ATT&CK matrix has 14 tactics as below:
- Reconnaissance — TA0043
- Resource Development — TA0042
- Initial Access — TA0001
- Execution — TA0002
- Persistence — TA0003
- Privilege Escalation — TA0004
- Defense Evasion — TA0005
- Credential Access — TA0006
- Discovery — TA0007
- Lateral Movement — TA0008
- Collection — TA0009
- Command & Control — TA0011
- Exfiltration — TA0010
- Impact — TA0040
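In the matrix the tactics are the columns and the techniques are the cells beneath them, so one of the first things a defender does with ATT&CK is map detection rules onto that grid and see which columns are empty. The following is an added example, not code from this post or from MITRE: it builds a miniature Enterprise matrix from the 14 tactic IDs above plus a small constructed sample of techniques, folds sub-technique IDs (such as T1059.001) into their parent technique, and reports per-tactic coverage for a constructed list of detection tags. The technique IDs and their tactic assignments follow the public ATT&CK data; `TECHNIQUES`, `SAMPLE_DETECTIONS` and the helper names are this example’s own.

```python
import re

# The 14 Enterprise tactics in matrix (left-to-right) order, with the
# tactic IDs MITRE assigns to them (Initial Access is TA0001).
TACTICS = [
    ("TA0043", "Reconnaissance"),
    ("TA0042", "Resource Development"),
    ("TA0001", "Initial Access"),
    ("TA0002", "Execution"),
    ("TA0003", "Persistence"),
    ("TA0004", "Privilege Escalation"),
    ("TA0005", "Defense Evasion"),
    ("TA0006", "Credential Access"),
    ("TA0007", "Discovery"),
    ("TA0008", "Lateral Movement"),
    ("TA0009", "Collection"),
    ("TA0011", "Command & Control"),
    ("TA0010", "Exfiltration"),
    ("TA0040", "Impact"),
]

# Constructed sample: (technique ID, name, tactic IDs it is listed under).
# Only a handful of the several hundred Enterprise techniques; assignments
# follow the public ATT&CK data. Note that one technique can appear in
# several columns (Valid Accounts sits under four tactics).
TECHNIQUES = [
    ("T1595", "Active Scanning", ["TA0043"]),
    ("T1583", "Acquire Infrastructure", ["TA0042"]),
    ("T1566", "Phishing", ["TA0001"]),
    ("T1078", "Valid Accounts", ["TA0001", "TA0003", "TA0004", "TA0005"]),
    ("T1059", "Command and Scripting Interpreter", ["TA0002"]),
    ("T1547", "Boot or Logon Autostart Execution", ["TA0003", "TA0004"]),
    ("T1003", "OS Credential Dumping", ["TA0006"]),
    ("T1082", "System Information Discovery", ["TA0007"]),
    ("T1021", "Remote Services", ["TA0008"]),
    ("T1005", "Data from Local System", ["TA0009"]),
    ("T1071", "Application Layer Protocol", ["TA0011"]),
    ("T1041", "Exfiltration Over C2 Channel", ["TA0010"]),
    ("T1486", "Data Encrypted for Impact", ["TA0040"]),
]

TACTIC_ID = re.compile(r"^TA\d{4}$")
TECHNIQUE_ID = re.compile(r"^T\d{4}(\.\d{3})?$")   # T1059 or T1059.001


def parent_technique(tech_id):
    """Validate an ATT&CK technique ID and strip a sub-technique suffix.

    'T1059.001' -> 'T1059'; 'T1059' -> 'T1059'; anything else raises."""
    if not TECHNIQUE_ID.match(tech_id):
        raise ValueError(f"not an ATT&CK technique ID: {tech_id!r}")
    return tech_id.split(".")[0]


def build_matrix(techniques=TECHNIQUES):
    """Return {tactic_id: [technique_id, ...]} with tactics in matrix order.

    A technique is repeated under every tactic it serves, which is how the
    ATT&CK matrix renders it: one cell per column it belongs to."""
    matrix = {tid: [] for tid, _ in TACTICS}
    for tech_id, _name, tactic_ids in techniques:
        for tid in tactic_ids:
            if not TACTIC_ID.match(tid) or tid not in matrix:
                raise ValueError(f"unknown tactic {tid!r} for {tech_id}")
            matrix[tid].append(tech_id)
    return matrix


def tactic_coverage(detected_ids, matrix=None):
    """Per tactic: (name, techniques with a detection, techniques in column).

    `detected_ids` are the technique or sub-technique IDs that detection
    rules are tagged with; a sub-technique counts toward its parent."""
    if matrix is None:
        matrix = build_matrix()
    covered = {parent_technique(t) for t in detected_ids}
    result = {}
    for tid, name in TACTICS:
        techs = matrix[tid]
        hits = sum(1 for t in techs if t in covered)
        result[tid] = (name, hits, len(techs))
    return result


def uncovered_tactics(detected_ids):
    """Tactic names with no detection at all, in matrix order: the gaps to work on first."""
    cov = tactic_coverage(detected_ids)
    return [name for _tid, (name, hits, total) in cov.items() if total and hits == 0]


# Constructed detection inventory: the ATT&CK tags on a small rule set.
SAMPLE_DETECTIONS = ["T1059.001", "T1003.001", "T1566.001", "T1021.002", "T1078"]

if __name__ == "__main__":
    for tid, (name, hits, total) in tactic_coverage(SAMPLE_DETECTIONS).items():
        print(f"{tid}  {name:<22} {hits}/{total}")
    print("no detections:", ", ".join(uncovered_tactics(SAMPLE_DETECTIONS)))
```

Run as a script it prints one line per tactic in matrix order followed by the empty columns; with the constructed rule set those are Reconnaissance, Resource Development, Discovery, Collection, Command & Control, Exfiltration and Impact. Swapping `TECHNIQUES` for the full technique list from the ATT&CK STIX data and `SAMPLE_DETECTIONS` for real rule tags turns the same functions into a coverage report for an actual environment.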
I know it’s tough to remember the whole matrix, so here is a shortcut: take the first letter of each tactic in order and you get “RRIEPPDCDLCCEI”.
I know, it’s a foolish shortcut ;) Just kidding 😂😂, there are no shortcuts 😁😁
I am adding a picture of the above matrix, broken into pieces so it fits on this page. For the complete matrix, please visit https://attack.mitre.org/#
We will go through the whole matrix, with the detailed techniques under each tactic, in Part 2.