MITRE ATT&CK 🟩 Tool

MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally recognised reference framework and an open source knowledge base developed by the MITRE Corporation. The model is structured around dynamic matrices that detail the tactics (attacker objectives), techniques (methods used) and procedures (TTP - Tactics, Techniques, and Procedures) used by cybercriminals during real attacks.

Designed to standardise the understanding of threats, MITRE ATT&CK covers a range of environments, including enterprise systems, mobile devices and industrial infrastructures. It serves as a common reference for security teams, enabling them to identify vulnerabilities, improve intrusion detection (via SIEM or EDR rules), reinforce intrusion tests (Red Team/Blue Team exercises) and enhance threat intelligence analysis.

Organisations also use it to map attacker campaigns (such as APT), assess their security posture and prioritise their defence investments. The framework, which is regularly updated on the basis of observations in the field and contributions from the community, promotes international cooperation between the public and private sectors.

Today, MITRE ATT&CK is a pillar of proactive cyber security, integrated into tools such as SOC and threat hunting solutions, and into standards such as the NIST Cybersecurity Framework.
