Back
MITRE ATT&CK Framework
webattack.mitre.org·attack.mitre.org/
MITRE ATT&CK is the industry-standard taxonomy for cyber adversary behavior; relevant to AI safety for evaluating AI-enabled offensive capabilities, red-teaming AI systems, and informing threat models for AI deployment security.
Metadata
Importance: 55/100tool pagereference
Summary
MITRE ATT&CK is a globally accessible, open knowledge base cataloging adversary tactics and techniques based on real-world observations. It provides a structured matrix of attack behaviors across enterprise, mobile, and ICS environments, used by defenders, researchers, and policymakers to build threat models and improve cybersecurity defenses.
Key Points
- •Comprehensive taxonomy of adversary tactics (14 for Enterprise) and hundreds of techniques/sub-techniques derived from real-world intrusions
- •Used as a standard reference framework by private sector, government, and cybersecurity product communities for threat modeling
- •Covers the full attack lifecycle from Reconnaissance through Impact, enabling systematic gap analysis in defenses
- •Free and open resource maintained by MITRE, with community contribution mechanisms and regular updates
- •Relevant to AI security as a reference for evaluating offensive capabilities of AI systems and red-teaming AI-enabled attacks
Cited by 2 pages
| Page | Type | Quality |
|---|---|---|
| AI Misuse Risk Cruxes | Crux | 65.0 |
| AI Risk Warning Signs Model | Analysis | 70.0 |
Cached Content Preview
HTTP 200Fetched Apr 9, 202674 KB
MITRE ATT&CK®
ATT&CK v19 will be released April 28th! Check out this blog post for information on the planned deprecation of Enterprise's Defense Evasion tactic in the upcoming release.
Get Started
Take a Tour
Contribute
Blog
FAQ
Random Page
Toggle Dropdown
Toggle Dropdown
Matrix
Tactic
Technique
Data Source
Mitigation
Group
Software
Campaign
Asset
Tweets by MITREattack
-->
MITRE ATT&CK ® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge.
Today we're launching a new system where the public can help us develop the next ATT&CK release through Macrotechnique Refinement.
To start refining FUZZYSNUGGLYDUCK, click here .
Fabulous prizes await success.
-->
ATT&CK Matrix for Enterprise
layout: side
side
flat
show sub-techniques
hide sub-techniques
Reconnaissance
Resource Development
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Collection
Command and Control
Exfiltration
Impact
11 techniques
8 techniques
11 techniques
17 techniques
23 techniques
14 techniques
47 techniques
17 techniques
34 techniques
9 techniques
17 techniques
18 techniques
9 techniques
15 techniques
Active Scanning (3)
=
Scanning IP Blocks
Vulnerability Scanning
Wordlist Scanning
Gather Victim Host Information (4)
=
Hardware
Software
Firmware
Client Configurations
Gather Victim Identity Information (3)
=
Credentials
Email Addresses
Employee Names
Gather Victim Network Information (6)
=
Domain Properties
DNS
Network Trust Dependencies
Network Topology
IP Addresses
Network Security Appliances
Gather Victim O
... (truncated, 74 KB total)Resource ID:
4c2168269b12c393 | Stable ID: OTA3YWQ5OT