MITRE ATT&CK details.
JSON representation |
---|
{ "version": string, "tactics": [ { object ( |
Fields | |
---|---|
version |
ATT&CK version (e.g. 12.1). |
tactics[] |
Tactics employed. |
techniques[] |
Techniques employed. |
Tactic
Tactic information related to an attack or threat.
JSON representation |
---|
{ "id": string, "name": string } |
Fields | |
---|---|
id |
Tactic ID (e.g. "TA0043"). |
name |
Tactic Name (e.g. "Reconnaissance") |
Technique
Technique information related to an attack or threat.
JSON representation |
---|
{ "id": string, "name": string, "subtechniqueId": string, "subtechniqueName": string } |
Fields | |
---|---|
id |
Technique ID (e.g. "T1595"). |
name |
Technique Name (e.g. "Active Scanning"). |
subtechniqueId |
Subtechnique ID (e.g. "T1595.001"). |
subtechniqueName |
Subtechnique Name (e.g. "Scanning IP Blocks"). |