AttackDetails

MITRE ATT&CK details.

JSON representation
{
  "version": string,
  "tactics": [
    {
      object (Tactic)
    }
  ],
  "techniques": [
    {
      object (Technique)
    }
  ]
}
Fields
version

string

ATT&CK version (e.g. 12.1).

tactics[]

object (Tactic)

Tactics employed.

techniques[]

object (Technique)

Techniques employed.

Tactic

Tactic information related to an attack or threat.

JSON representation
{
  "id": string,
  "name": string
}
Fields
id

string

Tactic ID (e.g. "TA0043").

name

string

Tactic Name (e.g. "Reconnaissance")

Technique

Technique information related to an attack or threat.

JSON representation
{
  "id": string,
  "name": string,
  "subtechniqueId": string,
  "subtechniqueName": string
}
Fields
id

string

Technique ID (e.g. "T1595").

name

string

Technique Name (e.g. "Active Scanning").

subtechniqueId

string

Subtechnique ID (e.g. "T1595.001").

subtechniqueName

string

Subtechnique Name (e.g. "Scanning IP Blocks").