MITRE ATT&CK® Technique

technique

The MITRE ATT&CK® Technique object describes the technique ID and/or name associated to an attack, as defined by ATT&CK® Matrix.

Attributes

Caption	Name	Type	Description
Name	`name`	String	The name of the attack technique, as defined by ATT&CK® Matrix. For example: `Active Scanning`.
Raw Data	`raw_data`	JSON	Group:`context` The event data as received from the event source.
Record ID	`record_id`	String	Group:`primary` Unique identifier for the object
Source URL	`src_url`	URL String	Entity:`URL_STRING` The versioned permalink of the attack technique, as defined by ATT&CK® Matrix. For example: `https://attack.mitre.org/versions/v14/techniques/T1595/`.
Unique ID	`uid`	String	The unique identifier of the attack technique, as defined by ATT&CK® Matrix. For example: `T1595`.
Unmapped	`unmapped`	Unmapped[]	Data from the source that was not mapped into the schema.

These objects and events reference MITRE ATT&CK® Technique in their attributes:

MITRE ATT&CK® Technique references the following objects and events in its attributes:

This page describes ocsf-1.4.0

Updated 10 days ago