Top ATT&CK Techniques

Published

Problem

Defending against all ATT&CK techniques is simply not practical, and without guidance, determining which techniques to focus on is overwhelming.

Solution

Publish a methodology and tools to help defenders systematically prioritize ATT&CK techniques.

Impact

Defenders focus on the adversary behaviors that are most relevant to their organization and have the greatest effect on their security posture.

Funding Research Participants

Non-Profit Research Participants

Project Summary

Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques. Our open methodology considers technique prevalence, common attack choke points, and actionability to enable defenders to focus on the ATT&CK techniques that are most relevant to their organization.

The Top ATT&CK Techniques Calculator makes building customized top technique lists easy. Users can create a top 10 technique list tailored to their organization.

The Top Ransomware Technique List provides a starting point for defending against ransomware attacks and demonstrates how the Top ATT&CK Techniques methodology can be tailored to different use cases.