Interpretation of ATT&CK framework for network security attack and defense confrontation
Red-blue confrontation is an important means of using attack to drive defense. Its key is to work in the real network environment and use the attacker's perspective to discover threat factors, thereby enhancing security protection capabilities and supporting enterprise security construction.
ATT&CK, an attack modeling framework developed by MITRE, is a collection of real attack vectors based on real-world observations. It covers numerous publicly reported threat groups together with the tools and attack techniques they use, and can serve as a good reference and learning guide for red-blue confrontation. A study of ATT&CK therefore opens the Red-Blue Confrontation series of articles.