It is a knowledge base of tactic techniques; things have been observed when attacks happen in the wild. It has boomed in popularity recently, and people are now using it as a starting point into how they should be evaluating their visibility into networks and detections.
It’s a language for describing threat that can be used across security organizations and beyond. The value is that it helps everyone from threat intelligence teams to blue and red teams to have the same language and perspective so they can communicate about threat.
Please fill all the required * fields.