MITRE information about incidents

When you click a row in the Incident summary view results pane, a slide-out panel provides details about the incident. The MITRE ATT&CK section displays information related to incidents and events that are often associated with the attack methods defined in the MITRE ATT&CK Matrix.

The following table lists the MITRE categories of attack types:

| Category | Description |
| --- | --- |
| Initial Access | Initial Access techniques include targeted spearphishing and exploiting weaknesses on public-facing web servers. |
| Execution | Execution techniques result in malicious code running on a local or remote system. |
| Persistence | Persistence techniques allow an attacker to keep access to systems after an interruption, such as a reboot or account changes. |
| Privilege Escalation | Privilege Escalation techniques are used to gain high-level permissions on a system or network. |
| Defense Evasion | Defense Evasion techniques are used to avoid detection during an attack. |
| Credential Access | Credential Access techniques are used to steal account credentials. |
| Discovery | Discovery techniques are used to obtain information about the system and internal network. |
| Lateral Movement | Lateral Movement techniques are used to enter and control remote systems on a network. An attacker uses these techniques to explore the network. |
| Collection | Collection techniques gather information relevant to completing the attacker's goals. |
| Exfiltration | Exfiltration techniques are used to steal data from your network. |
| Command and Control | Command and Control techniques are used to communicate with systems under an attacker's control. |