Attack and Defend

The MITRE ATT&CK Framework is a knowledge base that maps adversarial TTPs (Tactics, Techniques, and Procedures). My goal here is to document known attacks and the defences that can be put in place against them. ATT&CK groups techniques under the following 14 tactics, each describing the adversary's objective at that stage:

  1. Reconnaissance - The adversary is trying to gather information they can use to plan future operations.
  2. Resource Development - The adversary is trying to establish resources they can use to support operations.
  3. Initial Access - The adversary is trying to get into your network.
  4. Execution - The adversary is trying to run malicious code.
  5. Persistence - The adversary is trying to maintain their foothold.
  6. Privilege Escalation - The adversary is trying to gain higher-level permissions.
  7. Defense Evasion - The adversary is trying to avoid being detected.
  8. Credential Access - The adversary is trying to steal account names and passwords.
  9. Discovery - The adversary is trying to figure out your environment.
  10. Lateral Movement - The adversary is trying to move through your environment.
  11. Collection - The adversary is trying to gather data of interest to their goal.
  12. Command and Control - The adversary is trying to communicate with compromised systems to control them.
  13. Exfiltration - The adversary is trying to steal data.
  14. Impact - The adversary is trying to manipulate, interrupt, or destroy your systems and data.