MITRE Sub-technique

sub_technique

The MITRE Sub-technique object describes the ATT&CK® or ATLAS™ Sub-technique ID and/or name associated to an attack.

Attributes

Caption	Name	Type	Description
Name	`name`	String	The name of the attack sub-technique. For example: Scanning IP Blocks or User Execution: Unsafe ML Artifacts.
Raw Data	`raw_data`	JSON	Group:`context` The event data as received from the event source.
Record ID	`record_id`	String	Group:`primary` Unique identifier for the object
Source URL	`src_url`	URL String	Entity:`URL_STRING` The versioned permalink of the attack sub-technique. For example: https://attack.mitre.org/versions/v14/techniques/T1595/001/.
Unique ID	`uid`	String	The unique identifier of the attack sub-technique. For example: T1595.001 or AML.T0011.000.
Unmapped	`unmapped`	Unmapped[]	Data from the source that was not mapped into the schema.

These objects and events reference MITRE Sub-technique in their attributes:

MITRE Sub-technique references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0

Updated 16 days ago