Merge pull request #843 from guardicore/feature/docs-mitre-improvements

docs: Add final tweaks to mitre techniques page.
This commit is contained in:
Itay Mizeretz 2020-09-30 14:04:58 +03:00 committed by GitHub
commit 53f3625172
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 3 deletions

View File

@ -1,3 +1,23 @@
---
title: "MITRE ATT&CK"
date: 2020-09-24T08:18:37+03:00
draft: false
pre: '&nbsp<b><u>&</u></b> '
weight: 10
---
{{% notice info %}}
Check out [the documentation for the MITRE ATT&CK report as well](../../usage/reports/mitre).
{{% /notice %}}
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base and based on this,
provides a report detailing the techniques it used and recommended mitigations.
The idea is to help you simulate an APT attack on your network and mitigate real attack paths intelligently.
In the following table we provide the list of all the ATT&CK techniques the Monkey provides info about,
categorized by tactic. You can follow any of the links to learn more about a specific technique or tactic.
| TACTIC | TECHNIQUES | | TACTIC | TECHNIQUES |
|--- |--- | |--- |--- |
| [Execution](https://attack.mitre.org/tactics/TA0002/) | [Command-line Interface](https://attack.mitre.org/techniques/T1059/) | | [Execution](https://attack.mitre.org/tactics/TA0002/) | [Command-line Interface](https://attack.mitre.org/techniques/T1059/) |
@ -7,7 +27,7 @@
| | [Scripting](https://attack.mitre.org/techniques/T1064/) | | | [Scripting](https://attack.mitre.org/techniques/T1064/) |
| | [Service Execution](https://attack.mitre.org/techniques/T1035/) | | | [Service Execution](https://attack.mitre.org/techniques/T1035/) |
| | [Trap](https://attack.mitre.org/techniques/T1154/) | | | [Trap](https://attack.mitre.org/techniques/T1154/) |
| [Persistence](https://attack.mitre.org/tactics/TA0003/) | [`.bash_profile` & `.bashrc`](https://attack.mitre.org/techniques/T1156/) | | [Persistence](https://attack.mitre.org/tactics/TA0003/) | [.bash_profile & .bashrc](https://attack.mitre.org/techniques/T1156/) |
| | [Create Account](https://attack.mitre.org/techniques/T1136/) | | | [Create Account](https://attack.mitre.org/techniques/T1136/) |
| | [Hidden Files & Directories](https://attack.mitre.org/techniques/T1158/) | | | [Hidden Files & Directories](https://attack.mitre.org/techniques/T1158/) |
| | [Local Job Scheduling](https://attack.mitre.org/techniques/T1168/) | | | [Local Job Scheduling](https://attack.mitre.org/techniques/T1168/) |
@ -36,4 +56,3 @@
| | [Uncommonly Used Port](https://attack.mitre.org/techniques/T1065/) | | | [Uncommonly Used Port](https://attack.mitre.org/techniques/T1065/) |
| | [Multi-hop Proxy](https://attack.mitre.org/techniques/T1188/) | | | [Multi-hop Proxy](https://attack.mitre.org/techniques/T1188/) |
| [Exfiltration](https://attack.mitre.org/tactics/TA0010/) | [Exfiltration Over Command And Control Channel](https://attack.mitre.org/techniques/T1041/)| | [Exfiltration](https://attack.mitre.org/tactics/TA0010/) | [Exfiltration Over Command And Control Channel](https://attack.mitre.org/techniques/T1041/)|
| | |

View File

@ -5,7 +5,7 @@ draft: false
--- ---
{{% notice info %}} {{% notice info %}}
Check out [the documentation for the other reports as well](../). Check out [the documentation for the other reports](../) and [the documentation for supported ATT&CK techniques as well](../../../reference/mitre_techniques).
{{% /notice %}} {{% /notice %}}
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base: It provides a new report with the utilized techniques and recommended mitigations, to help you simulate an APT attack on your network and mitigate real attack paths intelligently. The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base: It provides a new report with the utilized techniques and recommended mitigations, to help you simulate an APT attack on your network and mitigate real attack paths intelligently.