MITRE ATT&CK

MITRE ATT&CK™ offers the security community a common language to communicate about adversary tactics, techniques, and behaviors. In the articles and resources below, we offer guidance on how security teams can use the framework to expand detection coverage and increase visibility.

HOW SECURITY TEAMS LEVERAGE ATT&CK + RED CANARY
Analysts
Respond faster and stay ahead of adversaries
Architects and Engineers
Strengthen your security program and prioritize your efforts
Security Leaders
Improve security efficiencies, detection coverage, and reporting
Popular ATT&CK articles
 

Four tools to consider if you’re adopting ATT&CK

 

Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32

 

Getting Started with ATT&CK? New Report Suggests Prioritizing PowerShell

 

ATT&CK™ Is Only as Good as Its Implementation: Avoiding Five Common Pitfalls

 

Using MITRE ATT&CK™ When Researching Attacker Behavior and Running Unit Tests

 

Q & A: How to Use the MITRE ATT&CK™ Framework to Mature Your Threat Hunting Program

 

Red Canary ATT&CKs (Part 3): Mapping Our Detectors to ATT&CK Techniques

 

Red Canary ATT&CKs (Part 1): Why We’re Using ATT&CK Across Red Canary

 
Popular ATT&CK resources
Webinars

ATT&CK Deep Dive: Persistence
Blog

10 Hackers Hacking: A Holiday Countdown of Retail Cybersecurity Threats
Webinars

ATT&CK Deep Dive: Lateral Movement
Webinars

Threat Hunting with ATT&CK: 3-Part Webinar Series
Webinars

How to Use the ATT&CK Framework to Mature Your Threat Hunting Program
Webinars

Becoming a Leader: An Inside Look at an Advanced Threat Hunting Program
SEE RED CANARY AND ATT&CK IN ACTION
Integrating MITRE ATT&CK™ into Red Canary detections
 
 
 

See what it's like to have a partner in the fight.

Experience the difference between a sense of security and actual security.
Demo