What is the MITRE ATT&CK Framework?

The MITRE ATT&CK framework stems from a knowledge base that features cyber threat intelligence from the world’s cyber security community.

Threat hunters who contribute offer insight in to adversary behavior sourced from real world observations of security incidents. The MITRE ATT&CK platform supports the development of methodologies and new techniques to support defensive coverage of organisations. Implementations made off of the back of MITRE ATT&CK threat intelligence lead to better outcomes for organisations in securing their data and business-critical assets.

CIRT process

What is the purpose of MITRE ATT&CK?

The purpose is to provide help with threat modelling based on real-world adversarial behavior. This can help a security operations center or security team improve their organization’s security posture.

MITRE ATT&CK offers detailed and cohesive insight in to tactics, techniques, and procedures (TTP) used by cyber criminals and malicious actors when carrying out cyber attacks.

ConnectDS – Your Security Operations Center & Threat Intelligence

As leading cyber security specialists we are here to consult with your security operations teams and review your existing tools. We can review your security coverage and ensure that your current tactics are aligned to effectively handle adversarial behaviors noted in the MITRE ATT&CK framework.

By reviewing everything from data sources and threat hunting capabilities to security tools and threat detection (as well as threat analysis), we offer insight in to the specific techniques needed to handle MITRE ATT&CK and its noted adversary tactics. We work with security teams (or alternatively, as your outsourced security team) to study your current tactics, techniques, and procedures (TTP) and analyse the cyber kill chain your organisation could be vulnerable to.

Frequently Asked Questions about MITRE ATT&CK:

Please see below for some common questions about MITRE ATT&CK. If you would prefer to speak to someone then give us a call and speak to one of our team in our Surrey or London offices to understand your requirements and learn how our security experts support other businesses in the United Kingdom.

There are many techniques associated with MITRE ATT&CK however these are broken down in to 14 areas; Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration, and Impact.

MITRE ATT&CK models different adversarial tactics used by malicious actors. Its purpose is to demonstrate real-world methods observed by cyber security analysts during all stages of the kill chain.

MITRE ATT&CK acts as a knowledge base curated by professionals world wide. Its information can be used to improve cyber security posture.

Security Orchestration, Automation, and Response. It includes your incident response platforms, threat intelligence platforms, and security orchestration and response.

MITRE D3FEND is complimentary to the MITRE ATT&CK framework. Instead of proffering adversarial tactics, it lists and prioritises cyber defense techniques used by secure organisation’s worldwide.

What is your current exposure
on the dark and open Web?

Speak to us today about getting one of our SOC security analysts to perform a FREE DARK WEB SECURITY ASSESSMENT & REPORT that will provide you with threat intelligence in relation to your current exposure.


Free Dark Web Reports are limited to 20 assessments per month

cyber exchange member logo
Cyber Essentials logo
CISP logo
IASME logo


Sign up to our email newsletter – opt out at anytime – view our Privacy Policy.