top of page

What is MITRE's ATT&CK Matrix for Enterprise?

Updated: Feb 9

ATT&CK Matrix for Enterprise, developed by MITRE Corporation, is a security framework that stands for Adversarial Tactics, Techniques, and Common Knowledge. This framework encompasses the tactics, techniques, and general knowledge that cyber adversaries may utilize.


Designed to assist organizations in developing defense strategies against cyber threats, ATT&CK Matrix for Enterprise elaborates on various tactics and techniques that different attack groups and threat actors could employ. Organizations can use this matrix to review and enhance their defense strategies.

ATT&CK Matrix for Enterprise includes the following main components:


Matrix: Tactics and techniques are organized in a matrix format. The matrix provides a detailed overview of the methods attackers use to achieve various objectives, such as compromising a network, moving laterally, evading detection, and conducting discovery.


Tactics: Represent the general objectives of attackers. Examples of tactics include Discovery, Privilege Escalation, and Lateral Movement.


Techniques: Include the specific methods used to accomplish tactics. This section encompasses software, services, or tools employed to execute a tactic.


Common Knowledge: Provides general information to help cybersecurity experts and defense teams understand potential vulnerabilities and methods that attackers might use.

The ATT&CK Matrix for Enterprise is widely utilized by cybersecurity professionals in various industries. This framework serves as a comprehensive resource for organizations to strengthen their defense strategies and be better prepared against attacks.


MITRE ATT&CK Matrix for Enterprise is a matrix that includes the tactics and techniques used by cyber adversaries. This matrix helps in understanding and improving defense strategies against potential threats. ATT&CK Matrix for Enterprise is a comprehensive cybersecurity framework, hosting the following main matrices:


Reconnaissance Matrix: Unveiling the Landscape Before the Attack

  • Techniques used by attackers to gather intelligence and information about a target before launching an attack.

Resource Development Matrix: Building Arsenal for Cyber Warfare

Initial Access Matrix: Unveiling the Methods to Breach the Perimeter

  • Techniques and tactics employed by attackers to gain the first foothold in a target network.

Execution Matrix: Delving into the Execution of Malicious Code

  • Techniques used by attackers to run and execute malicious code on targeted systems.

Persistence Matrix: Strategies for Prolonged Access

  • Methods employed by attackers to maintain prolonged access to target systems.

Privilege Escalation Matrix: Elevating Access Levels

  • Techniques used by attackers to acquire higher levels of access within a system.

Defense Evasion Matrix: Navigating Without Detection

  • Techniques employed by attackers to evade detection and overcome defensive measures.

Credential Access Matrix: Gaining Entry through Credentials

  • Techniques used by attackers to obtain access to user credentials.

Discovery Matrix: Navigating the Network Landscape

  • Techniques employed by attackers to explore a target network and gather valuable information.

Lateral Movement Matrix: Advancing Horizontally within Networks

  • Techniques used by attackers to move laterally within a network, expanding their reach.

Collection Matrix: Gathering Intel for Strategic Advantage

  • Methods employed by attackers to collect information that serves their strategic objectives.

Command and Control Matrix: Orchestrating Attacks from the Shadows

  • Techniques used by attackers to establish and maintain command and control over compromised systems.

Exfiltration Matrix: Covertly Extracting Stolen Data

  • Techniques used by attackers to clandestinely transfer pilfered data from a compromised network.

Impact Matrix: Strategies for Disrupting Normal Operations

  • Methods employed by attackers to disrupt or manipulate normal operations within a target environment.


These matrices form the foundation of the ATT&CK framework, providing cybersecurity professionals with the means to be prepared against the tactics and techniques that threat actors may employ.


You can review our other articles to get more detailed information.

35 views0 comments

Comments


bottom of page