MITRE ATT&CK

MITRE ATT&CK™ offers the security community a common language to communicate about adversary tactics, techniques, and behaviors. In the articles and resources below, we offer guidance on how security teams can use the framework to expand detection coverage and increase visibility.

 

Four tools to consider if you’re adopting ATT&CK

Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32

Getting Started with ATT&CK? New Report Suggests Prioritizing PowerShell

ATT&CK™ Is Only as Good as Its Implementation: Avoiding Five Common Pitfalls

Using MITRE ATT&CK™ When Researching Attacker Behavior and Running Unit Tests

Q & A: How to Use the MITRE ATT&CK™ Framework to Mature Your Threat Hunting Program

Red Canary ATT&CKs (Part 3): Mapping Our Detectors to ATT&CK Techniques

Red Canary ATT&CKs (Part 1): Why We’re Using ATT&CK Across Red Canary

Integrating MITRE ATT&CK™ into Red Canary detections