AttackDetails

MITRE ATT&CK details.

JSON representation
{ "version": string, "tactics": [ { object (`Tactic`) } ], "techniques": [ { object (`Technique`) } ] }

Fields

Fields
`version`	`string` ATT&CK version (e.g. 12.1).
`tactics[]`	`object (Tactic)` Tactics employed.
`techniques[]`	`object (Technique)` Techniques employed.

version

string

ATT&CK version (e.g. 12.1).

tactics[]

object (Tactic)

Tactics employed.

techniques[]

object (Technique)

Techniques employed.

Tactic

Tactic information related to an attack or threat.

JSON representation
{ "id": string, "name": string }

Fields

Fields
`id`	`string` Tactic ID (e.g. "TA0043").
`name`	`string` Tactic Name (e.g. "Reconnaissance")

id

string

Tactic ID (e.g. "TA0043").

name

string

Tactic Name (e.g. "Reconnaissance")

Technique information related to an attack or threat.

JSON representation
{ "id": string, "name": string, "subtechniqueId": string, "subtechniqueName": string }

Fields
`id`	`string` Technique ID (e.g. "T1595").
`name`	`string` Technique Name (e.g. "Active Scanning").
`subtechniqueId`	`string` Subtechnique ID (e.g. "T1595.001").
`subtechniqueName`	`string` Subtechnique Name (e.g. "Scanning IP Blocks").