Defending IaaS with ATT&CK

Defending IaaS With ATT&CK is a project to create a customized collection of MITRE ATT&CK® techniques tailored to the unique attack surface and threat model for Infrastructure-as-a-Service (IaaS). This collection can be used to plan and evaluate security controls for organizations that use IaaS based on the known adversary behaviors described by ATT&CK. The project methodology is also documented so that organizations can create their own customized collections tailored to their unique needs and circumstances.

This project is created and maintained by the MITRE Engenuity Center for Threat-Informed Defense in futherance of our mission to advance the start of the art and and the state of the practice in threat-informed defense globally. The project is funded by our research participants.

Contents

• Overview
  • Background
  • Use Cases
  • Get Started
• Collection
  • Architecture
  • Building the Collection
  • Visualize the Collection
  • Download the Collection
• Methodology
  • Identify Attack Surface
  • Compile Sources
  • Define Criteria
  • Select Techniques
  • Build Collection

Notice

© 2022 MITRE Engenuity. Approved for public release. Document number CT0059.

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®: ATT&CK Terms of Use