MITRE ATT&CK® Network

Threats, Tactics and Procedures (TTP)
MITRE’s ATT&CK®
Initial Access – Network
1. Exploit Public-Facing Apps.
Execution – Network
1. Command & Scripting Interpreter.
Persistence – Network
1. Pre-OS Boot.
2. Traffic Signalling.
Defense Evasion – Network

1. Modify Authentication Process.
2. Modify System Image.
3. Network Boundary Bridging.
4. Pre-OS Boot.
5. Traffic Signalling.
6. Weaken Encryption.
Credential Access – Network
1. Input Capture.
2. Modify the Authentication Process.
Collection – Network
1. Data from Configuration Repository.
2. Input Capture.
Command and Control – Network
1. Non-Application Layer Protocol.
2. Proxy.
3. Traffic Signalling.
Exfiltration – Network
1. Automated Exfiltration.

ATT&CK Matrix