Using MITRE ATT&CK™ in Threat Hunting and Detection

A preface to the MITRE ATT&CK™ Framework and its practical uses

How do you prioritise the many threats to your organisation? How do you address them with the tools you already have?

MITRE ATT&CK, an open framework and knowledge base of adversary tactics and techniques based on real-world observations, provides a structured method to help you answer these questions.

ATT&CK is a powerful way to classify and study adversary techniques and understand their intent. You can use it to enhance, analyse, and test your threat hunting and detection efforts.

This white paper introduces you to ATT&CK and related tools and resources. You’ll learn:

  • The structure of ATT&CK, comprising tactics, techniques, examples, mitigation, and detection
  • How to use ATT&CK to assess, enhance, and test your monitoring, threat detection, and threat hunting efforts
  • How to apply five common ATT&CK techniques in your threat detection and hunting practice

Read the white paper to learn how to get started with MITRE ATT&CK.