# MITRE ATT&CK framework

Tags: #frameworks #MitreAttack

## **Definition:**

The MITRE ATT&CK Framework is a globally accessible knowledge base of adversary behaviors, tactics, and techniques used in cyberattacks. It helps security professionals understand, detect, and defend against real-world threats.

**Structure:**

- **Tactics** – _What_ the attacker is trying to achieve (e.g., Persistence, Privilege Escalation)
- **Techniques** – _How_ the attacker achieves that (e.g., Credential Dumping)
- **Sub-techniques** – More specific implementations
- **Procedures** – Real examples from known threat actors

## **Use Cases:**

- Threat detection & hunting
- Red/blue teaming
- Mapping security gaps
- Building defensive playbooks

## **Why It Matters:**

MITRE ATT&CK gives structure to defense. It helps orgs move beyond tools and logs, focusing on attacker behavior.

**Bonus:** There's also **ATT&CK for Enterprise**, **Cloud**, **Mobile**, and **ICS** (Industrial Control Systems).

## **Also Known As:**

- ATT&CK Matrix
- Adversarial Tactics, Techniques, and Common Knowledge

---

# References

> *MITRE ATT&CK Website*: https://attack.mitre.org/
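
The "Mapping security gaps" use case, worked through the tactic / technique / sub-technique structure described above. This is an added example, not part of the original note: the technique table is a small constructed subset of ATT&CK for Enterprise, and the rule names and the `T9999` tag are hypothetical.

```python
from collections import defaultdict

# Constructed subset of ATT&CK for Enterprise: technique ID -> (name, tactics).
# One technique can serve several tactics; sub-techniques use the "Txxxx.yyy" form.
TECHNIQUES = {
    "T1003":     ("OS Credential Dumping", ["Credential Access"]),
    "T1003.001": ("LSASS Memory", ["Credential Access"]),
    "T1003.002": ("Security Account Manager", ["Credential Access"]),
    "T1053":     ("Scheduled Task/Job", ["Execution", "Persistence", "Privilege Escalation"]),
    "T1053.005": ("Scheduled Task", ["Execution", "Persistence", "Privilege Escalation"]),
    "T1547":     ("Boot or Logon Autostart Execution", ["Persistence", "Privilege Escalation"]),
    "T1547.001": ("Registry Run Keys / Startup Folder", ["Persistence", "Privilege Escalation"]),
}

# Constructed detection rules (hypothetical names), each tagged with technique IDs.
RULES = {
    "lsass_handle_access": ["T1003.001"],
    "schtasks_create_cmdline": ["T1053.005"],
    "legacy_rule_bad_tag": ["T9999"],  # not in the subset: reported, never counted
}

def parent(tid):
    """Return the parent technique ID of a sub-technique, else the ID itself."""
    return tid.split(".")[0]

def coverage_gaps(techniques, rules):
    """Return (uncovered technique IDs per tactic, unknown rule tags).
    A parent technique counts as covered when it or any of its sub-techniques
    has a rule; a sub-technique only when it or its parent is tagged."""
    tagged, unknown = set(), set()
    for tids in rules.values():
        for tid in tids:
            (tagged if tid in techniques else unknown).add(tid)
    covered_parents = {parent(t) for t in tagged}
    gaps = defaultdict(list)
    for tid, (_, tactics) in sorted(techniques.items()):
        if "." in tid:
            covered = tid in tagged or parent(tid) in tagged
        else:
            covered = tid in covered_parents
        if not covered:
            for tactic in tactics:
                gaps[tactic].append(tid)
    return dict(gaps), sorted(unknown)

if __name__ == "__main__":
    gaps, unknown = coverage_gaps(TECHNIQUES, RULES)
    for tactic in sorted(gaps):
        print(f"{tactic}: no detection for {', '.join(gaps[tactic])}")
    print("Rule tags not found in the matrix subset:", unknown)
```

With the sample rules, T1003 looks covered at the technique level while T1003.002 is still a gap, which is why coverage is worth tracking per sub-technique.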