An incident responder is investigating an intrusion where the threat actor obtained sensitive data from a segmented portion of the network. To enhance the organization's defense strategy against such tactics in the future, which resource would BEST aid the responder in correlating the adversary's behavior patterns to known threat actor profiles?
ISO/IEC 27035
NIST's Intrusion Analysis Model
MITRE ATT&CK
The Diamond Model for Intrusion Analysis