MITRE Shield will be retired on October 18th in favor of MITRE Engage. To learn more, click here.
Mapping To Resource Development
For a given ATT&CK® tactic, the table shows the adversary techniques that are used, the active defense opportunities that are created, the active defense techniques that can then be applied, and use cases to illustrate possible applications.
Details
ATT&CK ID:
TA0042
ATT&CK Technique |
Opportunity Space | AD Technique | Use Case |
|---|---|---|---|
| T1583 - Acquire Infrastructure | There is an opportunity to gain visibility into newly created or previously unknown adversary infrastructure | DTE0021 - Hunting | A defender could use information about an adversary's TTPs in order to monitor for new adversary infrastructure and files. |
| T1585 - Establish Accounts | Users trained and encouraged to report phishing can detect attacks that other defenses do not. | DTE0035 - User Training | A program to train and exercise the anti-phishing skills of users can create "Human Sensors" that help detect phishing attacks. |
| T1586 - Compromise Accounts | Users trained and encouraged to report phishing can detect attacks that other defenses do not. | DTE0035 - User Training | A program to train and exercise the anti-phishing skills of users can create "Human Sensors" that help detect phishing attacks. |