MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. Further details on the MITRE ATT&CK® framework can be found at https://attack.mitre.org/ Our red team operations tooling courses map to the MITRE ATT&CK® matrix tactics, techniques, and procedures. Each course focuses on the use of a specific industry-standard, generally open source, tool to carry out adversary emulation. Knowing what a tool is and how it can perform a specific task, will ultimately lend to your ability as an organization or an individual to detect and defend against specific attack vectors.
Syllabus
- Introduction
- ATT&CK – Reconnaissance (TA0043)
- ATT&CK – Resource Development (TA0042)
- ATT&CK – Initial Access (TA0001)
- ATT&CK – Execution (TA0002)
- ATT&CK – Persistence (TA0003)
- ATT&CK – Privilege Escalation (TA0004)
- ATT&CK – Defense Evasion (TA0005)
- ATT&CK – Credential Access (TA0006)
- ATT&CK – Discovery (TA0007)
- ATT&CK – Lateral Movement (TA0008)
- ATT&CK – Collection (TA0009)
- ATT&CK – Command and Control (TA0011)
- ATT&CK – Exfiltration (TA0010)
- ATT&CK – Impact (TA0040)
