MITRE ATT&CK is a globally recognized framework used by security professionals to understand and classify cyber threats. It was created by MITRE Corporation, a non-profit organization that manages federal research and development centers in the United States. The latest version of MITRE ATT&CK is Version 12, which was released in 2023.
In this article, we will introduce you to MITRE ATT&CK and explore the features of Version 12.
What is MITRE ATT&CK?
MITRE ATT&CK stands for Adversarial Tactics, Techniques & Common Knowledge. It is a knowledge base that describes the tactics and techniques used by cyber attackers to gain access to a system, maintain persistence, and exfiltrate data. It provides a common language and framework that enables security professionals to understand and classify cyber threats.
MITRE ATT&CK is divided into two main sections - Tactics and Techniques. Tactics are high-level categories that describe the overall goals of a cyber attack, such as Initial Access or Collection. Techniques, on the other hand, are specific methods used to achieve those goals, such as Spearphishing or Command and Control.
MITRE ATT&CK is continuously updated and maintained by a team of experts who monitor emerging cyber threats and update the framework accordingly.
Features of Version 12
MITRE ATT&CK is divided into two main sections - Tactics and Techniques. Tactics are high-level categories that describe the overall goals of a cyber attack, such as Initial Access or Collection. Techniques, on the other hand, are specific methods used to achieve those goals, such as Spearphishing or Command and Control.
MITRE ATT&CK is continuously updated and maintained by a team of experts who monitor emerging cyber threats and update the framework accordingly.
Features of Version 12
MITRE ATT&CK Version 12 introduces several new features and updates, including:
New Tactics: MITRE ATT&CK Version 12 introduces two new tactics - Impact and Lateral Movement. Impact describes the actions taken by an attacker to cause damage or disruption to a system or network. Lateral Movement describes the techniques used by an attacker to move through a network and gain access to sensitive information.
New Techniques:
New Tactics: MITRE ATT&CK Version 12 introduces two new tactics - Impact and Lateral Movement. Impact describes the actions taken by an attacker to cause damage or disruption to a system or network. Lateral Movement describes the techniques used by an attacker to move through a network and gain access to sensitive information.
New Techniques:
Version 12 adds several new techniques, including Spearphishing for Credential Harvesting, Domain Fronting, and PowerShell Remoting.
Enhanced Sub-techniques:
Enhanced Sub-techniques:
Version 12 includes enhancements to existing sub-techniques, providing more detailed information on how attackers carry out specific techniques.
Improved Navigation:
Improved Navigation:
The MITRE ATT&CK website has been updated with improved navigation, making it easier for users to find and access the information they need.
Why is MITRE ATT&CK important? MITRE ATT&CK is a valuable resource for security professionals as it provides a comprehensive framework for understanding and responding to cyber threats. By using MITRE ATT&CK, security teams can identify the techniques and tactics used by attackers and develop effective defense strategies. It also enables organizations to assess their security posture and identify any gaps or weaknesses that need to be addressed.
Conclusion MITRE ATT&CK is a valuable resource for anyone involved in cybersecurity. Its latest version, Version 12, introduces new tactics, techniques, and enhancements that provide even greater insight into cyber threats. By using MITRE ATT&CK, security professionals can stay ahead of emerging threats and develop effective defense strategies to protect their organizations.
Why is MITRE ATT&CK important? MITRE ATT&CK is a valuable resource for security professionals as it provides a comprehensive framework for understanding and responding to cyber threats. By using MITRE ATT&CK, security teams can identify the techniques and tactics used by attackers and develop effective defense strategies. It also enables organizations to assess their security posture and identify any gaps or weaknesses that need to be addressed.
Conclusion MITRE ATT&CK is a valuable resource for anyone involved in cybersecurity. Its latest version, Version 12, introduces new tactics, techniques, and enhancements that provide even greater insight into cyber threats. By using MITRE ATT&CK, security professionals can stay ahead of emerging threats and develop effective defense strategies to protect their organizations.