Matrix
Tactics
All
Channel
Collect
Contain
Detect
Disrupt
Facilitate
Legitimize
Test
Techniques
ATT&CK® Mapping
Overview
ATT&CK Groups
Reconnaissance
Resource Development
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Credential Access
Discovery
Lateral Movement
Collection
Exfiltration
Command and Control
Impact
Complete Mapping
Resources
Getting Started
FAQ
Related Projects
Contribute
Updates
Blog
Search
MITRE Shield will be retired on October 18th in favor of
MITRE Engage
. To learn more,
click here
.
Active Defense Tactics
Channel
Admin Access
API Monitoring
Application Diversity
Decoy Account
Decoy Content
Decoy Credentials
Decoy Diversity
Decoy Network
Decoy Persona
Decoy Process
Decoy System
Detonate Malware
Migrate Attack Vector
Network Diversity
Network Manipulation
Peripheral Management
Pocket Litter
Security Controls
Software Manipulation
Collect
API Monitoring
Application Diversity
Backup and Recovery
Decoy Account
Decoy Content
Decoy Credentials
Decoy Network
Decoy System
Detonate Malware
Email Manipulation
Hunting
Network Diversity
Network Monitoring
PCAP Collection
Peripheral Management
Protocol Decoder
Security Controls
System Activity Monitoring
Software Manipulation
Contain
Admin Access
Baseline
Decoy Account
Decoy Network
Detonate Malware
Hardware Manipulation
Isolation
Migrate Attack Vector
Network Manipulation
Security Controls
Software Manipulation
Detect
API Monitoring
Application Diversity
Baseline
Behavioral Analytics
Decoy Account
Decoy Content
Decoy Credentials
Decoy Diversity
Decoy Network
Decoy Persona
Decoy System
Email Manipulation
Hunting
Isolation
Network Manipulation
Network Monitoring
PCAP Collection
Pocket Litter
Protocol Decoder
Standard Operating Procedure
System Activity Monitoring
User Training
Software Manipulation
Disrupt
Admin Access
Application Diversity
Backup and Recovery
Baseline
Behavioral Analytics
Decoy Content
Decoy Credentials
Decoy Network
Email Manipulation
Hardware Manipulation
Isolation
Network Manipulation
Security Controls
Standard Operating Procedure
User Training
Software Manipulation
Facilitate
Admin Access
Application Diversity
Behavioral Analytics
Burn-In
Decoy Account
Decoy Content
Decoy Credentials
Decoy Diversity
Decoy Persona
Decoy System
Network Diversity
Network Manipulation
Peripheral Management
Pocket Litter
Security Controls
Software Manipulation
Legitimize
Application Diversity
Burn-In
Decoy Account
Decoy Content
Decoy Credentials
Decoy Diversity
Decoy Network
Decoy Persona
Decoy Process
Decoy System
Network Diversity
Pocket Litter
Test
Admin Access
API Monitoring
Application Diversity
Backup and Recovery
Decoy Account
Decoy Content
Decoy Credentials
Decoy Diversity
Decoy Network
Decoy Persona
Decoy System
Detonate Malware
Migrate Attack Vector
Network Diversity
Network Manipulation
Peripheral Management
Pocket Litter
Security Controls
Software Manipulation
Home
>
Matrix
Active Defense Matrix
The Shield matrix consists of the following core components:
Tactics, denoting what the defender is trying to accomplish (the columns).
Techniques, describing how the defense achieves the tactic(s) (the individual cells).
Channel
Collect
Contain
Detect
Disrupt
Facilitate
Legitimize
Test
Admin Access
API Monitoring
Admin Access
API Monitoring
Admin Access
Admin Access
Application Diversity
Admin Access
API Monitoring
Application Diversity
Baseline
Application Diversity
Application Diversity
Application Diversity
Burn-In
API Monitoring
Application Diversity
Backup and Recovery
Decoy Account
Baseline
Backup and Recovery
Behavioral Analytics
Decoy Account
Application Diversity
Decoy Account
Decoy Account
Decoy Network
Behavioral Analytics
Baseline
Burn-In
Decoy Content
Backup and Recovery
Decoy Content
Decoy Content
Detonate Malware
Decoy Account
Behavioral Analytics
Decoy Account
Decoy Credentials
Decoy Account
Decoy Credentials
Decoy Credentials
Hardware Manipulation
Decoy Content
Decoy Content
Decoy Content
Decoy Diversity
Decoy Content
Decoy Diversity
Decoy Network
Isolation
Decoy Credentials
Decoy Credentials
Decoy Credentials
Decoy Network
Decoy Credentials
Decoy Network
Decoy System
Migrate Attack Vector
Decoy Diversity
Decoy Network
Decoy Diversity
Decoy Persona
Decoy Diversity
Decoy Persona
Detonate Malware
Network Manipulation
Decoy Network
Email Manipulation
Decoy Persona
Decoy Process
Decoy Network
Decoy Process
Email Manipulation
Security Controls
Decoy Persona
Hardware Manipulation
Decoy System
Decoy System
Decoy Persona
Decoy System
Hunting
Software Manipulation
Decoy System
Isolation
Network Diversity
Network Diversity
Decoy System
Detonate Malware
Network Diversity
Email Manipulation
Network Manipulation
Network Manipulation
Pocket Litter
Detonate Malware
Migrate Attack Vector
Network Monitoring
Hunting
Security Controls
Peripheral Management
Migrate Attack Vector
Network Diversity
PCAP Collection
Isolation
Standard Operating Procedure
Pocket Litter
Network Diversity
Network Manipulation
Peripheral Management
Network Manipulation
User Training
Security Controls
Network Manipulation
Peripheral Management
Protocol Decoder
Network Monitoring
Software Manipulation
Software Manipulation
Peripheral Management
Pocket Litter
Security Controls
PCAP Collection
Pocket Litter
Security Controls
System Activity Monitoring
Pocket Litter
Security Controls
Software Manipulation
Software Manipulation
Protocol Decoder
Software Manipulation
Standard Operating Procedure
System Activity Monitoring
User Training
Software Manipulation
Search Results
×
Link
Preview