ATT&CK v13 Enters the Room

ATT&CK v13 Enters the Room: Pseudocode, Swifter Search, and Mobile Data Sources

It’s not like a regular Tuesday, it’s a lucky Tuesday — ATT&CK v13 has arrived. As we outlined in our channel.

ATT&CK’s Infrastructure: ATT&CK Search 2.0 and changelog.json

Two of our most frequently requested items are now here: faster search and machine-readable changelogs!

We’ve all experienced the patience-building opportunity associated with using the ATT&CK website search, so we’re thrilled to finally introduce a new and improved search! While it won’t be breaking the sound barrier anytime soon, it will save you some serious time when you’re trying to figure out which techniques cover Import Access Table. Your initial search with the enhanced version will be in the 5-second range, with following queries resolving near instantaneously. We’ll continue to adjust this important feature and appreciate all of you who stayed with us through the search bar trials. Let us know if you spot any new corner cases!

Another significant addition to this release is a channel on the ATT&CK slack.

Linux: Making the Penguin a Little More Secure

Our Linux team has spent the last few months going through contributions, coordinating with contributors, and navigating through open-source reporting for in-the-wild adversary behaviors. This release includes updated and new Linux-only (sub)techniques that will enhance the Linux defender’s toolset. We’ll continue building out Linux coverage in ATT&CK, as well as gaining a better understanding of the adversaries operating in this space. If you’d like to work with us or to join our very exclusive Linux channel (#linux_attack), we’d love to have a conversation.

Next Up: v14 and ATT&CKcon

We know you’re still trying to catch your breath from all the v13 adjustments, but we’re still sprinting for v14! October’s release will feature upgraded coverage across domains, renovated mitigations, new cross-domain mappings, more pseudocodes, and Mobile structured detections.

We’ll also be releasing more details on ATT&CKCon 4.0 soon (October 24–25), so start getting ready with some light reading/watching of previous ATT&CKcon presentations or couch interviews.

As always, we look forward to connecting with you on email, Twitter, or Slack.

©2023 The MITRE Corporation. ALL RIGHTS RESERVED. Approved for public release. Distribution unlimited 22–00745–1

ATT&CK v13 Enters the Room was originally published in MITRE ATT&CK® on Medium, where people are continuing the conversation by highlighting and responding to this story.