MITRE

• ATT&CK ® (Adversarial Tactics, Techniques, and Common Knowledge) Framework
• CAR (Cyber Analytics Repository) Knowledge Base
• ENGAGE
• D3FEND (Detection, Denial, and Disruption Framework Empowering Network Defense)
• AEP (ATT&CK Emulation Plans)

APT = Advanced Persistent Threat

TTPs = Tactics, Techniques, and Procedures

See threat descriptions.

---

ATT&CK ® Matrix for Enterprise contains 14 categories that cover the 7 tactics from Lockheed Martin’s Cyber Kill Chain.

Navigate to https://attack.mitre.org/ . You can view tactics (and tactic IDs) from Tactics > Enterprise.

The ATT&CK ® Navigator tool can be useful for mapping TTPs.

With this, one can generally map an attack to a specific threat group.

---

CAR is a collection of analytics. Navigate to https://car.mitre.org/ .

---

Engage is a framework for an Adversary Engagement Approach, accomplished by Cyber Denial and Cyber Deception.

Navigate to https://engage.mitre.org/starter-kit/ .

The matrix is accessible via navigating to https://engage.mitre.org/matrix/ .

The handbook is accessible via navigating to https://engage.mitre.org/wp-content/uploads/2022/04/EngageHandbook-v1.0.pdf .

---

D3FEND is a knowledge graph of cybersecurity countermeasures.

Navigate to https://d3fend.mitre.org/ .

---

ATT&CK is how adversaries attack, D3FEND is how defenders respond.