Defending Operational Technology (OT) with ATT&CK


Defending OT with ATT&CK provides a customized collection of MITRE ATT&CK® techniques tailored to the attack surface and threat model for OT environments. The collection of threats contained in the ATT&CK knowledge base, including historical attacks against OT, is used to define a reference architecture and technology domains of interest for OT. The resultant collection can be used by organizations that use OT to evaluate and employ security controls for real-world adversary behaviors.

This project is created and maintained by the MITRE Engenuity Center for Threat-Informed Defense (Center) and is funded by our research participants, in furtherance of our mission to advance the state of the art and the state of the practice in threat-informed defense globally. This work builds upon the Center’s Defending IaaS with ATT&CK project, using the methodology and tooling created under that project as a basis. It provides another collection of resources that cyber defenders can use to understand, and make threat-informed decisions about, techniques that could be used within an IT/OT hybrid architecture and environment.

Notice

© 2024 MITRE Engenuity. Approved for public release. Document number(s) CT0121.

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®: ATT&CK Terms of Use