MITRE Technique

technique

The MITRE Technique object describes the ATT&CK® or ATLAS™ Technique ID and/or name associated to an attack.

Attributes

CaptionNameTypeDescription
NamenameStringThe name of the attack technique. For example: Active Scanning or AI Model Inference API Access.
Raw Dataraw_dataJSONGroup:context

The event data as received from the event source.
Record IDrecord_idStringGroup:primary

Unique identifier for the object
Source URLsrc_urlURL StringEntity:URL_STRING

The versioned permalink of the attack technique. For example: https://attack.mitre.org/versions/v14/techniques/T1595/.
Unique IDuidStringThe unique identifier of the attack technique. For example: T1595 or AML.T0040.
UnmappedunmappedUnmapped[]Data from the source that was not mapped into the schema.

Relationships

MITRE Technique shown in context

Inbound Relationships

These objects and events reference MITRE Technique in their attributes:

Outbound Relationships

MITRE Technique references the following objects and events in its attributes:

This page describes qdm-1.5.1+ocsf-1.6.0