Stop Thinking, Just Do!

Sungsoo Kim's Blog

Introduction To The MITRE ATT&CK Framework


4 January 2025


Article Source: Introduction To The MITRE ATT&CK Framework (HackerSploit)

Abstract

Hey guys, HackerSploit here back again with another video. This video will introduce you to the MITRE ATT&CK framework and will illustrate how it can be operationalized for Red Team and Blue Team operations.

THE MITRE ATT&CK FRAMEWORK

The MITRE ATT&CK framework is a globally-accessible knowledge base of adversary tactics and techniques based on real-world threats and threat actors (APT groups). It was developed to improve the understanding of how cyber attacks are performed.

ATT&CK is an abbreviation for Adversarial Tactics, Techniques, and Common Knowledge.

The MITRE ATT&CK Framework is typically used as a baseline model of adversary behavior: it lays out the phases of an attack lifecycle, the software (malware and tools) adversaries employ, and the platforms they target.

Red and Blue Teamers use it to plan, implement, and orchestrate engagements modeled on specific threat actors/APTs (adversary emulation/simulation).

It is also a valuable resource for Blue Teamers, since it details the TTPs used by specific threat actors and gives organizations cyber threat intelligence (CTI) that can be turned directly into detections, defenses, and mitigations.

MITRE ATT&CK organizes adversary behavior into tactics (the adversary's goal, e.g. Execution or Credential Access), techniques (how that goal is achieved), sub-techniques (more specific variants of a technique), and procedures (the concrete implementation observed from a particular group or piece of software). Together these are the TTPs: tactics, techniques, and procedures.
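As an added example (not code from the original video or from MITRE), the following Python builds that tactic/technique/sub-technique view from a constructed subset of ATT&CK attack-pattern objects, written in the STIX 2.1 shape the real ATT&CK data uses, and then scores a hypothetical emulation plan against a hypothetical set of detection rules, which is the Red/Blue operationalization the text describes. The bundle is trimmed to the few fields needed; the technique IDs and names are real ATT&CK entries, while `PLAN`, the rule names in `DETECTIONS`, and all function names are assumptions made here.

```python
"""Build a tactic -> technique -> sub-technique view from ATT&CK-style STIX
objects and score detection coverage of an emulation plan against it."""
from collections import defaultdict


def attack_pattern(tid, name, tactics, sub=False):
    """Construct an attack-pattern object in the shape ATT&CK's STIX data uses.
    (Helper for the constructed sample data below; not a MITRE API.)"""
    return {
        "type": "attack-pattern",
        "name": name,
        "x_mitre_is_subtechnique": sub,
        "kill_chain_phases": [{"kill_chain_name": "mitre-attack", "phase_name": t}
                              for t in tactics],
        "external_references": [{"source_name": "mitre-attack", "external_id": tid}],
    }


# Constructed subset of real ATT&CK techniques (IDs and names are genuine).
BUNDLE = {"type": "bundle", "objects": [
    attack_pattern("T1059", "Command and Scripting Interpreter", ["execution"]),
    attack_pattern("T1059.001", "PowerShell", ["execution"], sub=True),
    attack_pattern("T1003", "OS Credential Dumping", ["credential-access"]),
    attack_pattern("T1003.001", "LSASS Memory", ["credential-access"], sub=True),
    attack_pattern("T1021", "Remote Services", ["lateral-movement"]),
    attack_pattern("T1021.001", "Remote Desktop Protocol", ["lateral-movement"], sub=True),
    # One technique can belong to several tactics.
    attack_pattern("T1078", "Valid Accounts", ["initial-access", "persistence",
                                               "privilege-escalation", "defense-evasion"]),
]}

# Hypothetical emulation plan (what the Red Team will do) and hypothetical
# detection rules, each mapped to the ATT&CK ID it is meant to catch.
PLAN = ["T1078", "T1059.001", "T1003.001", "T1021.001"]
DETECTIONS = {
    "ps-scriptblock-suspicious-cmdlets": "T1059.001",   # hypothetical rule name
    "lsass-process-access-from-unsigned-binary": "T1003",
}


def attack_id(obj):
    """Return the ATT&CK ID (T1059, T1059.001, ...) of an attack-pattern object."""
    for ref in obj.get("external_references", []):
        if ref.get("source_name") == "mitre-attack":
            return ref["external_id"]
    return None


def tactics_of(obj):
    """Tactics are the kill-chain phases on the 'mitre-attack' kill chain."""
    return [p["phase_name"] for p in obj.get("kill_chain_phases", [])
            if p.get("kill_chain_name") == "mitre-attack"]


def build_matrix(bundle):
    """tactic -> technique ID -> {"name": ..., "subtechniques": {sub ID: name}}.
    A sub-technique is attached to its parent, found by stripping the '.NNN'
    suffix; revoked/deprecated objects in real bundles are skipped."""
    techniques = {attack_id(o): o for o in bundle["objects"]
                  if o.get("type") == "attack-pattern"
                  and not o.get("revoked") and not o.get("x_mitre_deprecated")}
    matrix = defaultdict(dict)
    for tid, obj in techniques.items():            # parents first
        if not obj.get("x_mitre_is_subtechnique"):
            for tactic in tactics_of(obj):
                matrix[tactic][tid] = {"name": obj["name"], "subtechniques": {}}
    for tid, obj in techniques.items():            # then sub-techniques
        if obj.get("x_mitre_is_subtechnique"):
            parent = tid.split(".")[0]
            for tactic in tactics_of(obj):
                if parent in matrix.get(tactic, {}):
                    matrix[tactic][parent]["subtechniques"][tid] = obj["name"]
    return dict(matrix)


def coverage(bundle, plan, detections):
    """Score a plan against detections. A technique counts as covered when a
    rule maps to it exactly or to its parent technique (a rule for T1003
    covers T1003.001). Returns ({tactic: (covered, total)}, [uncovered IDs])."""
    techniques = {attack_id(o): o for o in bundle["objects"]
                  if o.get("type") == "attack-pattern"}
    detected = set(detections.values())
    per_tactic = defaultdict(lambda: [0, 0])
    gaps = []
    for tid in plan:
        obj = techniques[tid]                      # KeyError: plan ID not in bundle
        covered = tid in detected or tid.split(".")[0] in detected
        for tactic in tactics_of(obj):
            per_tactic[tactic][1] += 1
            per_tactic[tactic][0] += int(covered)
        if not covered:
            gaps.append(tid)
    return {t: tuple(v) for t, v in per_tactic.items()}, gaps


if __name__ == "__main__":
    for tactic, techs in sorted(build_matrix(BUNDLE).items()):
        print(tactic, {t: list(v["subtechniques"]) for t, v in techs.items()})
    scores, gaps = coverage(BUNDLE, PLAN, DETECTIONS)
    for tactic, (hit, total) in sorted(scores.items()):
        print(f"{tactic:22s} {hit}/{total} covered")
    print("gaps:", gaps)
```

With this data the plan is only half covered: the PowerShell and LSASS steps map to rules, while Valid Accounts (across all four of its tactics) and RDP have no rule at all, which is exactly the list a Blue Team would take into a detection-engineering backlog before the emulation runs. The same functions work unchanged on the real `enterprise-attack.json` bundle, since they only read the fields ATT&CK actually ships.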

