Cyber Security Academy · Lesson

MITRE ATT&CK Framework

Navigate the ATT&CK matrix, map observed TTPs to techniques, and use Navigator for gap analysis.

What is MITRE ATT&CK?

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a knowledge base of real-world adversary behavior. It provides a common language for describing attacks, organizing detection, and measuring security coverage.

ATT&CK Structure

ATT&CK organizes adversary behavior into: Tactics (the WHY — attacker goals), Techniques (the HOW), and Sub-techniques (specific implementation variants).

# 14 Enterprise Tactics:
# TA0001: Initial Access
# TA0002: Execution
# TA0003: Persistence
# TA0004: Privilege Escalation
# TA0005: Defense Evasion
# TA0006: Credential Access
# TA0007: Discovery
# TA0008: Lateral Movement
# TA0009: Collection
# TA0010: Exfiltration
# TA0011: Command and Control
# TA0040: Impact
# TA0042: Resource Development
# TA0043: Reconnaissance
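
The structure above, applied to a small gap analysis (an added example, not part of the original lesson): observed techniques are rolled up to their tactics, compared against the technique IDs that detection rules are tagged with, and written out as a minimal layer using ATT&CK Navigator's layer field names. The observed and detected sets are constructed sample data, the technique-to-tactic table is a hand-picked subset of the Enterprise matrix, and the rule that a parent-level detection covers its sub-techniques is an assumption.

```python
import json

# Tactic IDs and names from the lesson's list (only those used below).
TACTICS = {"TA0001": "Initial Access", "TA0002": "Execution",
           "TA0003": "Persistence", "TA0004": "Privilege Escalation",
           "TA0006": "Credential Access", "TA0008": "Lateral Movement",
           "TA0040": "Impact"}

# Hand-picked subset of Enterprise techniques -> tactics (not the full matrix).
TECHNIQUE_TACTICS = {
    "T1566": ["TA0001"],                      # Phishing
    "T1059": ["TA0002"],                      # Command and Scripting Interpreter
    "T1053": ["TA0002", "TA0003", "TA0004"],  # Scheduled Task/Job
    "T1003": ["TA0006"],                      # OS Credential Dumping
    "T1021": ["TA0008"],                      # Remote Services
    "T1486": ["TA0040"],                      # Data Encrypted for Impact
}

# Constructed sample data: techniques seen in an incident, and technique IDs
# that existing detection rules are tagged with.
OBSERVED = {"T1566.001", "T1059.001", "T1053.005", "T1003.001", "T1021.001", "T1486"}
DETECTED = {"T1059", "T1003.001", "T1566.002"}

def parent(technique_id):
    """T1059.001 -> T1059; a sub-technique sits under its parent's tactics."""
    return technique_id.split(".")[0]

def is_covered(tid, detected):
    # Assumption: a rule tagged with the parent technique covers all of its
    # sub-techniques, but a rule for one sub-technique does not cover a sibling.
    return tid in detected or parent(tid) in detected

def gap_analysis(observed, detected):
    """Return {tactic name: [observed technique IDs with no detection]}."""
    gaps = {}
    for tid in sorted(observed):
        if not is_covered(tid, detected):
            for ta in TECHNIQUE_TACTICS.get(parent(tid), []):
                gaps.setdefault(TACTICS[ta], []).append(tid)
    return gaps

def navigator_layer(observed, detected, name="Gap analysis (constructed)"):
    """Minimal layer dict: score 1 = detected, 0 = observed but undetected."""
    techniques = [{"techniqueID": tid, "score": int(is_covered(tid, detected)),
                   "color": "#8ec843" if is_covered(tid, detected) else "#ff6666"}
                  for tid in sorted(observed)]
    return {"name": name, "domain": "enterprise-attack", "techniques": techniques}

if __name__ == "__main__":
    print(json.dumps(gap_analysis(OBSERVED, DETECTED), indent=2))
    print(json.dumps(navigator_layer(OBSERVED, DETECTED), indent=2))
```

Because a layer entry without a tactic field applies to every tactic the technique appears under, T1053.005 shows as a gap in three columns at once, which matches the per-tactic output of gap_analysis.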
