MITRE ATT&CK™ offers the security community a common language to communicate about adversary tactics, techniques, and behaviors. In the articles and resources below, we offer guidance on how security teams can use the framework to expand detection coverage and increase visibility.


Four tools to consider if you’re adopting ATT&CK


Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32


Getting Started with ATT&CK? New Report Suggests Prioritizing PowerShell


ATT&CK™ Is Only as Good as Its Implementation: Avoiding Five Common Pitfalls


Using MITRE ATT&CK™ When Researching Attacker Behavior and Running Unit Tests


Q & A: How to Use the MITRE ATT&CK™ Framework to Mature Your Threat Hunting Program


Red Canary ATT&CKs (Part 3): Mapping Our Detectors to ATT&CK Techniques


Red Canary ATT&CKs (Part 1): Why We’re Using ATT&CK Across Red Canary

Integrating MITRE ATT&CK™ into Red Canary detections