MITRE ATT&CK

Adversary Tactics, Techniques & Mitigations

Tactics Adversary goals Techniques How attacks work Mitigations Countermeasures
M1013
Application Developer Guidance
M1015
Active Directory Configuration
M1016
Vulnerability Scanning
M1017
User Training
M1018
User Account Management
M1019
Threat Intelligence Program
M1020
SSL/TLS Inspection
M1021
Restrict Web-Based Content
M1022
Restrict File and Directory Permissions
M1024
Restrict Registry Permissions
M1025
Privileged Process Integrity
M1026
Privileged Account Management
M1027
Password Policies
M1028
Operating System Configuration
M1029
Remote Data Storage
M1030
Network Segmentation
M1031
Network Intrusion Prevention
M1032
Multi-factor Authentication
M1033
Limit Software Installation
M1034
Limit Hardware Installation
M1035
Limit Access to Resource Over Network
M1036
Account Use Policies
M1037
Filter Network Traffic
M1038
Execution Prevention
M1039
Environment Variable Permissions
M1040
Behavior Prevention on Endpoint
M1041
Encrypt Sensitive Information
M1042
Disable or Remove Feature or Program
M1043
Credential Access Protection
M1044
Restrict Library Loading
M1045
Code Signing
M1046
Boot Integrity
M1047
Audit
M1048
Application Isolation and Sandboxing
M1049
Antivirus/Antimalware
M1050
Exploit Protection
M1051
Update Software
M1052
User Account Control
M1053
Data Backup
M1054
Software Configuration
M1055
Do Not Mitigate
M1056
Pre-compromise
M1057
Data Loss Prevention
M1060
Out-of-Band Communications Channel