Information Security Terminology
What is the MITRE ATT&CK Framework?
MITRE ATT&CK is a knowledge base of cyber threat actor TTPs based on real-world observed attack patterns. ATT&CK is used by cybersecurity teams as a foundation to develop threat models, methodologies, and standard response actions. Threat hunters use the ATT&CK framework to select different attack patterns and hunt for potential breaches using the TTPs associated with them. Advanced cybersecurity teams also use the ATT&CK framework to build proactive security postures and reduce their cyber risk to specific threat actor campaigns.