Detections and Analytics
ATT&CK can help cyber defenders develop analytics that detect the techniques used by an adversary.
Getting Started with ATT&CK: Detection and Analytics Blog Post
This blog post describes how you can get started using ATT&CK for detection and analytics at three different levels of sophistication. (June 2019)
Cyber Analytics Repository (CAR)
ATT&CK is the framework of what adversaries do, and CAR is a knowledge base of analytics based on ATT&CK.
This blog post on CAR explains our work to improve it. (December 2018)
Finding Cyber Threats with ATT&CK-Based Analytics
Presents a methodology for using ATT&CK to build, test, and refine behavioral-based analytic detection capabilities. (June 2017)
CASCADE
This MITRE research project seeks to automate “blue team” work, including running analytics.
ATT&CKing the Status Quo Presentation
The latter part of this presentation provides an introduction to using ATT&CK to create analytics. Slides are also available. (September 2018)
ATT&CKcon 2018 presentations
Many people in the ATT&CK community are doing excellent work with analytics and detection. We encourage you to take a look at these presentations for ideas. (October 2018)