Sensor Mappings To ATT&CK v1.0.0

The Center for Threat-Informed Defense

Contents

  • Overview
  • Definitions
  • Mapping Methodology
  • Sensor Mapping
    • Auditd
    • CloudTrail
    • OSQuery
    • Sysmon
    • WinEvtx
    • ZEEK
  • Use Cases
  • Example Scenarios
    • Windows Example Scenarios
    • Linux Example Scenario
    • CloudTrail Example Scenarios
    • Network Example Scenario
  • Changelog


The Center for Threat-Informed Defense

The Center for Threat-Informed Defense is a non-profit, privately funded research and development organization. Our mission is to advance the state of the art and the state of the practice in threat-informed defense globally.


© 2023 MITRE. Approved for public release. Document number(s) CT0089.