...

  • Initial Access: The technique or techniques used to gain an initial foothold within your network.

  • Execution: The technique or techniques used, resulting in malicious code running on a system residing in your network.

  • Persistence: The technique or techniques used to maintain access to systems during system restarts, credential changes, and other service interruptions that would cut off access to systems in your network.

  • Privilege Escalation: The technique or techniques used to gain higher-level permissions on your system running in your network.
  • Defense Evasion: The technique or techniques used to avoid detection and compromise of a system residing in your network.

  • Credential Access: The technique or techniques used to steal credentials such as account names and passwords for systems residing in your network.

  • Discovery: The technique or techniques used to gain information and intelligence about a system in your network.

  • Lateral Movement: The technique or techniques used to enter and control a system residing on your network. Controlling a system often involves pivoting through multiple systems and accounts to gain access.
  • Collection: The technique or techniques used to gather data after gaining access to a system in your network. Frequently, the next goal after collecting the data is to steal (exfiltrate) the data. 

  • Command and Control: The technique or techniques used to communicate with other compromised systems in your network.
  • Exfiltration: The technique or techniques used to steal data from your system or network.

  • Impact: The technique or techniques used to manipulate, interrupt, or destroy your systems and data residing on your network.

Click the title of any section within the report to view the report details specific to that section in the details pane. For example, in the report below, clicking on the T-link (T1043) in the Commonly Used Port section of the report displays the details pane. Or, click the T-link associated with a section title to view threat information directly on the MITRE website.



Image: Sample MITRE ATT&CK report

...