Mapping To Resource Development

For a given ATT&CK® tactic, the table shows the adversary techniques that are used, the active defense opportunities that are created, the active defense techniques that can then be applied, and use cases to illustrate possible applications.

Details
ATT&CK ID: TA0042

ATT&CK Technique Opportunity Space AD Technique Use Case
T1583 - Acquire Infrastructure There is an opportunity to gain visibility into newly created or previously unknown adversary infrastructure DTE0021 - Hunting A defender could use information about an adversary's TTPs in order to monitor for new adversary infrastructure and files.
T1585 - Establish Accounts Users trained and encouraged to report phishing can detect attacks that other defenses do not. DTE0035 - User Training A program to train and exercise the anti-phishing skills of users can create "Human Sensors" that help detect phishing attacks.
T1586 - Compromise Accounts Users trained and encouraged to report phishing can detect attacks that other defenses do not. DTE0035 - User Training A program to train and exercise the anti-phishing skills of users can create "Human Sensors" that help detect phishing attacks.