MITRE ATT&CK

MITRE ATT&CK is a comprehensive knowledge base of adversary tactics and techniques based on real-world cyberattack observations, describing attacker behavior through techniques and sub-techniques.

MITRE ATT&CK is a comprehensive knowledge base of adversary tactics and techniques based on real-world cyberattack observations. MITRE ATT&CK consists of techniques and sub-techniques that describe adversary behavior at a high level of detail. Each technique includes a description of the adversary's goal, the data sources that can detect the technique, and recommended mitigations.

The MITRE ATT&CK framework is organized into 14 tactics, from initial access to impact. Each tactic contains a number of techniques, and each technique may have a number of sub-techniques. The tactics and techniques are organized in a matrix, which allows security teams to quickly see what techniques are associated with each tactic and how they relate to each other.

Read our latest blog articles

Product News

June 23, 2026

Sekoia’s new identity: Designed for clarity

Sekoia has partnered with branding agency Bruno to develop a new brand identity and digital experience that reflects who we really are.

Sekoia Team

Threat Research & Intelligence

TDR

June 11, 2026

APT28, an evolution of tradecraft

Sekoia TDR looks back at how APT28's arsenal has evolved over two decades, from its signature X-Agent implants to disposable modules, edge-device infrastructure and the first LLM-driven malware.

Amaury-Jacques GARCON

Threat Detection & Research Team

Threat Research & Intelligence

TDR

June 16, 2026

Unveiling ErrTraffic: inside a growing ClickFix malware distribution framework

This report details the ErrTraffic threat and its associated ecosystem, highlighting three specific campaigns and their operators' arsenal.

Jérémy SCION

Quentin BOURGUE

Threat Detection & Research Team