Research Article
An Automatic Assessment Method of Cyber Threat Intelligence Combined with ATT&CK Matrix
Table 2
A mapping of ATT&CK concepts to STIX 2.0 objects.
| | ATT&CK concepts | STIX object | Custom type? |
| | Tactic | x-mitre-tactic | Yes | | Matrix | x-mitre-matrix | Yes | | Mitigations | Course-of-action | No | | Groups | Intrusion-set | No | | Malicious | Malware | No | | Software | Tool | No | | Technique | Attack-pattern | No | | Subtechnique | Attack-pattern where | No | | Procedure | Relationship where and target_ref is an attack-pattern | No |
|
|
