ATT&CK stands for adversarial tactics, techniques, and common knowledge. The framework, created by the MITRE organization, has a mission to capture the techniques, tactics, and procedures of advanced persistent threats that target Windows, Mac, and Linux devices. ATT&CK Enterprise focuses on fingerprinting post-compromise adversaries inside enterprise environments.
This white paper explores the ATT&CK Enterprise framework, and how security practitioners can use it to better dissect and assess security problems. It also cautions against potential avenues for misuse or misapplication of the framework by industry vendors and pundits alike.