Sensor Mappings to ATT&CK

The Sensor Mappings to ATT&CK Project (SMAP) is a collection of resources to assist security operations teams and security leaders with understanding which tools, capabilities, and events can help provide visibility into real-world adversary behaviors potentially occurring in their environments. SMAP builds on MITRE ATT&CK® Data Sources by connecting the conceptual data source representions of information that can be collected to concrete logs, sensors, and other security capabilities that provide that type of data.

This project is created and maintained by MITRE Engenuity Center for Threat-Informed Defense (Center) and is funded by our research participants, in futherance of our mission to advance the start of the art and the state of the practice in threat-informed defense globally. This work complements the Center’s Security Stack Mappings project by allowing defenders to use both resources to understand their overall defensive coverage and make threat-informed decisions.


© 2023 MITRE Engenuity. Approved for public release. Document number CT0089.

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®: ATT&CK Terms of Use