Oct 25 2021

Released: MITRE ATT&CK v10

Category: Attack MatrixDISC @ 7:14 am

MITRE Corporation has released the tenth version of ATT&CK, its globally accessible (and free!) knowledge base of cyber adversary tactics and techniques based on real-world observations.

Version ten comes with new Data Source objects, new and changed techniques in its various matrices, key changes to facilitate hunting in ICS environments, and more.

MITRE ATT&CK v10

MITRE ATT&CK v10

The most prominent change in this newest version of the framework is new objects with aggregated information about data sources.

ā€œThe data source object features the name of the data source as well as key details and metadata, including an ID, a definition, where it can be collected (collection layer), what platform(s) it can be found on, and the data components highlighting relevant values/properties that comprise the data source,ā€ MITRE ATT&CK Content Lead Amy L. Robertson and cybersecurity engineers Alexia Crumpton and Chris AnteĀ explained.

ā€œThese data sources are available for all platforms of Enterprise ATT&CK, including our newest additions that cover OSINT-related data sources mapped toĀ PRE platform techniques.ā€

Changes inĀ ATT&CK for ICSĀ and theĀ Mobile matricesĀ are focused on providing all the features currently provided in the Enterprise matrices.

ā€œv10 also includes cross-domain mappings of Enterprise techniques to software that were previously only represented in the ICS Matrix, including Stuxnet, Industroyer, and several others. The fact that adversaries donā€™t respect theoretical boundaries is something weā€™ve consistently emphasized, and we think itā€™s crucial to feature Enterprise-centric mappings for more comprehensive coverage of all the behaviors exhibited by the software,ā€ they added.

The complete release notes for MITRE ATT&CK v10 can be foundĀ here.

Tags: cyber attack, MITRE ATT&CK, MITRE ATT&CK v10

Leave a Reply

You must be logged in to post a comment. Login now.