MITRE Mitigation

mitigation

The MITRE Mitigation object describes the ATT&CK® or ATLAS™ Mitigation ID and/or name that is associated to an attack.

Attributes

Caption	Name	Type	Description
Countermeasures	`countermeasures`	MITRE D3FEND™[]	The D3FEND countermeasures that are associated with the attack technique. For example: ATT&CK Technique T1003 is addressed by Mitigation M1027, and D3FEND Technique D3-OTP.
Name	`name`	String	The Mitigation name that is associated with the attack technique. For example: Password Policies, or Code Signing.
Raw Data	`raw_data`	JSON	Group:`context` The event data as received from the event source.
Record ID	`record_id`	String	Group:`primary` Unique identifier for the object
Source URL	`src_url`	URL String	Entity:`URL_STRING` The versioned permalink of the Mitigation. For example: https://attack.mitre.org/versions/v14/mitigations/M1027.
Unique ID	`uid`	String	The Mitigation ID that is associated with the attack technique. For example: M1027, or AML.M0013.
Unmapped	`unmapped`	Unmapped[]	Data from the source that was not mapped into the schema.

These objects and events reference MITRE Mitigation in their attributes:

MITRE Mitigation references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0

Updated 22 days ago