Different ways of analyzing, categorizing, and theorizing about cyberattacks
- Developed by Lockheed Martin
- Breaks attacks into seven steps:
  - Reconnaissance
  - Weaponization
  - Delivery
  - Exploitation
  - Installation
  - Command and Control
  - Actions on Objectives
- Adversarial Tactics, Techniques, and Common Knowledge
- matrix of tactics and techniques, not an ordered set of steps
- complementary to Lockheed's cyber kill chain
- Developed by MITRE, a non-profit organization
- MITRE also maintains the CVE system and the CWE (Common Weakness Enumeration) project
- defines attacks by four terms in mutual relationship:
  - Adversary, Capability, Infrastructure, Victim
- can reveal similarities in different attacks