Getting Started with the MITRE ATT&CK® Framework

Focusing your security team to test attack methods based on MITRE ATT&CK framework sets the direction on threat data to pinpoint your enterprise security posture. As with any new process, there are challenges in getting started, for example:

• Should you test all techniques across the ATT&CK framework?
• Should you focus the team on TTPs for threat groups that are most impactful to your organization?
• Should you chase the latest threats?
• For how long should testing be performed to collect the data needed for reporting?