Benchmark: MITRE ATT&CK v16.1
To obtain the latest version of this official guide, please visit https://attack.mitre.org/.
Overview
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/tailpipe-mod-aws-cloudtrail-log-detectionsStart the Powerpipe server:
powerpipe serverOpen http://localhost:9033 in your browser and select MITRE ATT&CK v16.1.
Run this benchmark in your terminal:
powerpipe benchmark run aws_cloudtrail_log_detections.benchmark.mitre_attack_v161Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_cloudtrail_log_detections.benchmark.mitre_attack_v161 --shareBenchmarks
- TA0001 Initial Access
- TA0002 Execution
- TA0003 Persistence
- TA0004 Privilege Escalation
- TA0005 Defense Evasion
- TA0006 Credential Access
- TA0008 Lateral Movement
- TA0009 Collection
- TA0010 Exfiltration
- TA0040 Impact
- TA0042 Execution