MITRE ATT&CK® Technique

technique

The MITRE ATT&CK® Technique object describes the technique ID and/or name associated to an attack, as defined by ATT&CK® Matrix.

Attributes

CaptionNameTypeDescription
NamenameString

The name of the attack technique, as defined by ATT&CK® Matrix. For example: Active Scanning.

Raw Dataraw_dataJSON

Group:context
The event data as received from the event source.

Record IDrecord_idString

Group:primary
Unique identifier for the object

Source URLsrc_urlURL String

Entity:URL_STRING
The versioned permalink of the attack technique, as defined by ATT&CK® Matrix. For example: https://attack.mitre.org/versions/v14/techniques/T1595/.

Unique IDuidString

The unique identifier of the attack technique, as defined by ATT&CK® Matrix. For example: T1595.

UnmappedunmappedUnmapped[]

Data from the source that was not mapped into the schema.

Relationships

MITRE ATT&CK® Technique shown in context

Inbound Relationships

These objects and events reference MITRE ATT&CK® Technique in their attributes:

Outbound Relationships

MITRE ATT&CK® Technique references the following objects and events in its attributes:

This page describes ocsf-1.4.0