Skip to content

Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.

License

Notifications You must be signed in to change notification settings

center-for-threat-informed-defense/top-attack-techniques

Repository files navigation

Top ATT&CK Techniques

Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing MITRE ATT&CK® techniques. Our methodology considers technique prevalence, common attack choke points, and actionability to enable defenders to focus on the ATT&CK techniques that are most relevant to their organization.

Table of Contents:

Getting Started

The website hosts all of the resources for this project. The website is linked below along with some shortcuts to important pages on the website.

Resource Description
Web Site The website hosts the calculator, methodology, and ransomware top 10 list.
Ransomware Top 10 A curated top 10 list created by our expert ATT&CK analysts.
Calculator An interactive calculator for producing your own, customized top 10 lists.
Methodology An overview of the algorithms and analysis that power the calculator.

Getting Involved

There are several ways that you can get involved with this project and help advance threat-informed defense:

  • Review the Ransomware Top 10 list. If ransomware is a threat that your organization is tracking and working to mitigate, consult our Ransomware Top 10 list align your effort with our analytical process.
  • Make your own top 10 list. Use the calculator to create your own customized top 10 list of ATT&CK techniques.
  • Spread the word. If you find Top ATT&CK Techniques valuable, share your experience with your industry peers.

Questions and Feedback

Please submit issues on GitHub for any technical questions or requests. You may also contact [email protected] directly for more general inquiries about the Center for Threat-Informed Defense.

We welcome your contributions to help advance Top ATT&CK Tehcniques in the form of pull requests. Please review the contributor notice before making a pull request.

Notice

© 2022, 2024 MITRE Engenuity. Approved for public release. Document number(s) CT0047.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®: ATT&CK Terms of Use