The MITRE ATT&CK Framework defines 13 techniques within the Impact category. These techniques describe how adversaries can disrupt the availability, integrity, or confidentiality of systems and data. Below is a desc...
The Mitre Att&ck Framework has defined nine techniques in the Exfiltration category.
The Automated Exfiltration technique is when the malware that the threat actor used to compromise the target is programmed to a...
The Mitre Att&ck Matrix has 16 techniques in the Command and Control Category.
Application Layer Protocol is when a command and control system utilizes an application layer protocol such as DNS or HTTP to attempt...
The Mitre Att&ck Matrix has defined 17 techniques for the Collection Category.
Adversary-In-The-Middle is when a threat actor redirects traffic from a target to the threat actor so the threat actor can collect da...
Mitre Att&ck Matrix has defined nine techniques to cover Lateral Movement. Lateral Movement is tied three ways, in terms of being the second least complicated category.
Exploitation of Remote Services is when a t...
The Mitre Att&ck Matrix has set 30 Techniques in the Discovery category. Discovery is Mitre Att&ck Matrix’s second most complex category. These are generally steps taken to enumerate the target the threat acto...
The Mitre Att&ck Matrix has defined 17 sub-techniques to define the Credential Access Technique.
Adversary-in-the-Middle is when a threat actor intercepts traffic from a target to capture or manipulate before sen...
The Mitre Att&ck Matrix’s most complex technique is Defense Evasion. Mitre has defined a whopping 42 sub-techniques to cover the Defense Evasion technique!
Abuse Elevation Control Mechanism is when a threat act...
The Mitre Att&ck Matrix has defined 13 techniques for Privilege Escalation.
Abuse Elevation Control Mechanism is when a threat actor utilizes a flaw in a mechanic used to elevate privileges to grant privileges. E...
The Mitre Att&ck Matrix has defined 19 techniques under the Persistence category.
Account Manipulation is when a threat actor modifies an existing account to maintain access. Be it from credentials to permissions...