The MITRE ATT&CK® object describes the tactic, technique & sub-technique associated to an attack as defined in ATT&CK® Matrix.
Attributes
Section titled “Attributes”version
- Type:
string_t - Requirement: recommended
The ATT&CK® Matrix version.
sub_technique
- Type:
sub_technique - Requirement: optional
The Sub Technique object describes the sub technique ID and/or name associated to an attack, as defined by ATT&CK® Matrix.
tactic
- Type:
tactic - Requirement: optional
The Tactic object describes the tactic ID and/or name that is associated to an attack, as defined by ATT&CK® Matrix.
tactics
- Type:
tactic - Requirement: optional
The Tactic object describes the tactic ID and/or tactic name that are associated with the attack technique, as defined by ATT&CK® Matrix.
technique
- Type:
technique - Requirement: optional
The Technique object describes the technique ID and/or name associated to an attack, as defined by ATT&CK® Matrix.
Constraints
Section titled “Constraints”At least one of: tactic, technique, sub_technique
Used By
Section titled “Used By”data_security_findingdatastore_activitydetection_findingdhcp_activitydns_activityemail_activityemail_file_activityemail_url_activityevent_logfile_activityftp_activityhttp_activityincident_findingkernel_activitykernel_extensionmemory_activitymodule_activitynetwork_activitynetwork_file_activityntp_activityprocess_activityrdp_activityscheduled_job_activitysecurity_findingsmb_activityssh_activitytunnel_activityweb_resources_activitywin/registry_key_activitywin/registry_value_activitywin/resource_activitywin/win_service_activity