The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally accessible knowledge base documenting the tactics and techniques used by cyber adversaries based on real-world observations. This framework is used to develop threat models and methodologies in the private sector, government, and the cybersecurity product and service community.

• Improve threat understanding: Provide detailed knowledge of adversaries’ tactics and techniques to improve defense against cyber threats.
• Facilitate information sharing: Create a common language for sharing threat information across organizations and sectors.
• Support proactive defense: Help organizations develop detection and response capabilities based on adversary behavior.

The framework is applicable to any organization that wants to improve its cybersecurity posture. It is used by defense teams, threat intelligence analysts, adversary emulation teams, and security engineers to enhance their ability to detect, respond to, and mitigate cyber threats.

• Tactics: Represent the “why” or the reason an adversary performs an action.
• Techniques: Represent the “how” adversaries achieve their tactical goals by executing an action.
• Sub-techniques: More specific or lower-level descriptions of adversary behavior.
• Procedures: Specific implementations or field-observed uses of techniques or sub-techniques.

The MITRE ATT&CK Framework was first published in 2013 and is continuously updated to reflect new observations and trends in the cyber threat landscape.
Always updated version of the MITRE ATT&CK: MITRE ATT&CK