ATT&CK
  • 1 Minute to read
  • PDF

ATT&CK

  • PDF

Introduction


ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a matrix of different cyberattack techniques sorted by various tactics.

All ATT&CK technique requirements are mapped to the SAFE controls across its five vectors to identify the gaps under different techniques and provide visibility on different attack categories that the organization is susceptible to.

SAFE supports the latest ATT&CK Matrix v11.2. Cyber Risks - Business Email Compromise, Data Compromise, and Ransomware, are supported for ATT&CK mapping in SAFE.

ATTCK1

Mapping Views


There are two views for ATT&CK mapping available to a user; Detailed View and Matrix View.

Detailed View

A user can filter the techniques applicable to each attack category and view details like attack description, control stats around applicable techniques, mapped controls across PPTCX, and the likelihood of that breach.

ATTCK2

ATTCK3

Info

Users can also export the list of controls from the table by clicking the export icon.

Note
  • Not assessed controls will be considered as Failed.
  • Not Applicable controls will not be considered in the above calculation.

Matrix View

Once the user clicks on any of the attack techniques, the system displays:

  • Attack technique description and reference link to ATT&CK.
  • A list of SAFE controls mapped to attack technique and status (qualified and failed) along with the number of assets on which the mapped controls were assessed.

ATTCK4

ATTCK5


Was this article helpful?

What's Next