MITRE ATT&CK Matrix and Threatcare
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is the industry standard for simulating cyber attacks.
With information changing daily, sometimes hourly, it can be difficult to keep up with the best practices of network protection. Luckily, MITRE developed a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. This framework has quickly become the standard to see if your security controls measure up to cybercriminals.
Threatcare’s leading Breach and Attack Simulation (BAS) solution maps to this popular MITRE ATT&CK framework. BAS solutions simulate (and automate) adversary behavior in a non-malicious manner, helping your organization gain insights into areas of potential vulnerability. Learn more about Breach and Attack Simulations.
Threatcare’s desktop BAS application maps to MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) for Enterprise by focusing on techniques, tactics, and procedures (TTPs) that adversaries use to make decisions, expand access, and execute their objectives within a network. Try Threatcare for free.
Threatcare aligns with the following MITRE ATT&CK tactics and their corresponding techniques. We frequently update our library of simulations, adding more MITRE tactics and techniques to Threatcare.
You can also see how Threatcare maps to the MITRE ATT&CK framework by downloading our MITRE ATT&CK Matrix.
Command-line interface, Mshta, PowerShell, Scripting, Source, Space after Filename, Trap
User Execution, Create Account, Hidden Files and Directories, Trap
Access Token Manipulation, Clear Command History, Deobfuscate/Decode Files or Information, File Deletion, HISTCONTROL, Indicator Removal on Host, Mshta, Network Share Connection Removal, Space after Filename, Timestomp, Web Service
Brute Force, Credential Dumping, Credentials in Files
Account Discovery, File and Directory Discovery, Network Service Scanning, Remote System Discovery, Security Software Discovery
Logon Scripts, Pass the Hash, Remote Desktop Protocol
Automated Collection, Data from Local System, Screen Capture
Data Compressed, Data Encrypted, Exfiltration Over Command and Control Protocol
Command and Control
Uncommonly Used Port, Web Service
To find out how you can leverage a solution like Threatcare, check out this Breach and Attack Simulation Guide written by Mike Ripp.