Information Security Terminology

What is the MITRE ATT&CK Framework?

The MITRE ATT&CK is a knowledge base of cyber threat actor TTPs based on attack patterns observed. ATT&CK is used by cybersecurity teams as a foundation to develop threat models, methodologies, and incident response actions. Cybersecurity teams use the ATT&CK framework to build proactive security postures and reduce their cyber risk to specific TTPs.