MITRE ATT&CK View
MITRE ATT&CK organizes adversary tactics and techniques.
In the Cybersecurity Ontology, MITRE ATT&CK primarily maps to Threats, Weaknesses, Safeguards, and Assurance.
Prototype mapping
| ATT&CK concept | Ontology mapping |
|---|---|
| Tactic | Threat objective |
| Technique | Threat behavior |
| Mitigation | Safeguard |
| Detection | Safeguard, Assurance |
| Data source | Assurance |
Interpretation
ATT&CK is strong for understanding adversary behavior. The ontology connects that behavior to protected assets, organizational weaknesses, safeguards, and proof of readiness.
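
As an added example (not part of the Cybersecurity Ontology's own code), the Python below applies the prototype mapping to constructed records shaped like ATT&CK STIX objects and reports techniques that have no mapped Safeguard or Assurance. The STIX type and field names are an assumption about the input format; the ids, names, and the `build_view` and `coverage_gaps` helpers are hypothetical.

```python
# Added example. Relationship types carry the Mitigation and Detection rows
# of the prototype mapping table (assumed STIX-style input).
REL_CLASSES = {"mitigates": ["Safeguard"],
               "detects": ["Safeguard", "Assurance"]}

BUNDLE = [  # constructed sample data, not real ATT&CK content
    {"type": "x-mitre-tactic", "id": "tactic--1", "name": "Tactic One",
     "x_mitre_shortname": "tactic-one"},
    {"type": "attack-pattern", "id": "tech--a", "name": "Technique A",
     "kill_chain_phases": [{"phase_name": "tactic-one"}]},
    {"type": "attack-pattern", "id": "tech--b", "name": "Technique B",
     "kill_chain_phases": [{"phase_name": "tactic-one"}]},
    {"type": "attack-pattern", "id": "tech--c", "name": "Technique C"},
    {"type": "course-of-action", "id": "coa--1", "name": "Mitigation One"},
    {"type": "x-mitre-data-source", "id": "src--1", "name": "Source One"},
    {"type": "x-mitre-data-component", "id": "comp--1", "name": "Component One",
     "x_mitre_data_source_ref": "src--1"},
    {"type": "relationship", "relationship_type": "mitigates", "source_ref": "coa--1", "target_ref": "tech--a"},
    {"type": "relationship", "relationship_type": "mitigates", "source_ref": "coa--1", "target_ref": "tech--b"},
    {"type": "relationship", "relationship_type": "detects", "source_ref": "comp--1", "target_ref": "tech--a"},
    {"type": "relationship", "relationship_type": "detects", "source_ref": "comp--gone", "target_ref": "tech--c"},
]

def build_view(objects):
    """Return {technique id: ontology-typed record} using the page's mapping."""
    by_id = {o["id"]: o for o in objects if "id" in o}
    tactics = {o["x_mitre_shortname"]: o["name"]
               for o in objects if o["type"] == "x-mitre-tactic"}
    view = {o["id"]: {"Threat behavior": o["name"],
                      "Threat objective": [tactics[p["phase_name"]]
                                           for p in o.get("kill_chain_phases", [])
                                           if p["phase_name"] in tactics],
                      "Safeguard": [], "Assurance": []}
            for o in objects if o["type"] == "attack-pattern"}
    for rel in (o for o in objects if o["type"] == "relationship"):
        src, tech = by_id.get(rel["source_ref"]), view.get(rel["target_ref"])
        classes = REL_CLASSES.get(rel["relationship_type"])
        if not (src and tech and classes):
            continue  # skip dangling references and unmapped relationship types
        for cls in classes:
            tech[cls].append(src["name"])
        source = by_id.get(src.get("x_mitre_data_source_ref"))
        if source:  # Data source row: Assurance
            tech["Assurance"].append(source["name"])
    return view

def coverage_gaps(view):
    """Per technique, list the ontology classes with no linked object."""
    gaps = {rec["Threat behavior"]: [c for c in ("Safeguard", "Assurance") if not rec[c]]
            for rec in view.values()}
    return {name: missing for name, missing in gaps.items() if missing}
```

Calling `coverage_gaps(build_view(BUNDLE))` lists each technique that lacks a safeguard or evidence source; the dangling `detects` relationship is ignored rather than counted as coverage.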