Top ATT&CK Techniques
PublishedProblem
Defending against all ATT&CK techniques is simply not practical, and without guidance, determining which techniques to focus on is overwhelming.

Solution
Publish a methodology and tools to help defenders systematically prioritize ATT&CK techniques.

Impact
Defenders focus on the adversary behaviors that are most relevant to their organization and have the greatest effect on their security posture.

Project Resources
Published:10 May 2022
Funding Research Participants






Non-Profit Research Participants

Project Summary
Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers technique prevalence, common attack choke points, and actionability to enable defenders to focus on the ATT&CK techniques that are most relevant to their organization.
The Top ATT&CK Techniques Calculator makes building customized top technique lists easy. Users can create a top 10 technique list tailored to their organization.
The Top Ransomware Technique List provides a starting point for defending against ransomware attacks and demonstrates how the Top ATT&CK Techniques methodology can be tailored to different use cases.
