The Attack object describes the technique and associated tactics related to an attack. See MITRE ATT&CK®.
Attributes
Section titled “Attributes”tactics
- Type:
tactic - Requirement: required
The a list of tactic ID’s/names that are associated with the attack technique, as defined by ATT&CK MatrixTM.
technique
- Type:
technique - Requirement: required
The attack technique.
version
- Type:
string_t - Requirement: required
The ATT&CK Matrix version.
Used By
Section titled “Used By”dns_activityemail_activityemail_file_activityemail_url_activityfile_activityftp_activityhttp_activitykernel_activitykernel_extensionmemory_activitymodule_activitynetwork_activityprocess_activityrdp_activityscheduled_job_activitysecurity_findingsmb_activityssh_activitywin/registry_key_activitywin/registry_value_activitywin/resource_activity