MITRE Mitigation
mitigation
The MITRE Mitigation object describes the ATT&CK® or ATLAS™ Mitigation ID and/or name that is associated to an attack.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Countermeasures | countermeasures |
MITRE D3FEND™[] |
The D3FEND countermeasures that are associated with the attack technique. For example: ATT&CK Technique T1003 is addressed by Mitigation M1027, and D3FEND Technique D3-OTP.
|
| Name | name |
String |
The Mitigation name that is associated with the attack technique. For example: Password Policies, or Code Signing.
|
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| Source URL | src_url |
URL String |
Entity:URL_STRINGThe versioned permalink of the Mitigation. For example: https://attack.mitre.org/versions/v14/mitigations/M1027.
|
| Unique ID | uid |
String |
The Mitigation ID that is associated with the attack technique. For example: M1027, or AML.M0013.
|
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference MITRE Mitigation in their attributes:
Outbound Relationships
MITRE Mitigation references the following objects and events in its attributes:
This page describes qdm-1.5.1+ocsf-1.6.0
Updated about 7 hours ago