MITRE ATT&CK® Technique

The MITRE ATT&CK® Technique object describes the technique ID and/or name associated to an attack, as defined by ATT&CK® Matrix.

Attributes

CaptionNameTypeDescription
Name name String The name of the attack technique, as defined by ATT&CK® Matrix. For example: Active Scanning.
Raw Data raw_data JSON The event data as received from the event source.
Record ID record_id String Unique identifier for the object
Source URL src_url URL String The versioned permalink of the attack technique, as defined by ATT&CK® Matrix. For example: https://attack.mitre.org/versions/v14/techniques/T1595/.
Unique ID uid String The unique identifier of the attack technique, as defined by ATT&CK® Matrix. For example: T1595.
Unmapped Data unmapped Unmapped[] The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.

Relationships

MITRE ATT&CK® Technique shown in context

Inbound Relationships

These objects and events reference MITRE ATT&CK® Technique in their attributes:

Outbound Relationships

MITRE ATT&CK® Technique references the following objects and events in its attributes:

This page describes qdm-1.3.2+ocsf-1.3.0