ATT&CK stands for adversarial tactics, techniques, and common knowledge. The framework, created by the MITRE organization, has a mission to capture the techniques, tactics, and procedures of advanced persistent threats that target Windows, Mac, and Linux devices. ATT&CK Enterprise focuses on fingerprinting post-compromise adversaries inside enterprise environments.
This white paper explores the ATT&CK Enterprise framework, and how security practitioners can use it to better dissect and assess security problems. It also cautions against potential avenues for misuse or misapplication of the framework by industry vendors and pundits alike.