A penetration testing team is preparing for an engagement by modeling adversary behaviors to create realistic attack scenarios. The team needs a framework that provides a curated, publicly available knowledge base of cyber adversary tactics and techniques based on real-world observations. Which of the following is the most appropriate resource for this task?
The correct answer is MITRE ATT&CK. The MITRE ATT&CK framework is a globally recognized knowledge base of adversary tactics and techniques based on real-world observations, specifically designed to be used for threat modeling, red teaming, and developing adversary emulation scenarios. The Open Source Security Testing Methodology Manual (OSSTMM) provides a methodology for conducting security tests across various channels but is not a knowledge base of adversary TTPs. The OWASP Top 10 is a standard awareness document that lists the most critical security risks to web applications, focusing on vulnerabilities rather than attacker behaviors. The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) framework is a risk management methodology that focuses on assessing organizational and business risks rather than cataloging specific adversary techniques.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is MITRE ATT&CK and why is it useful for penetration testers?
Open an interactive chat with Bash
What is the difference between MITRE ATT&CK and OSSTMM?
Open an interactive chat with Bash
How does the MITRE ATT&CK framework compare with the OWASP Top 10?