The team makes a best effort to track overlaps between names based on publicly reported associations, which are designated as “Associated Groups” on each page (formerly labeled “Aliases”), because we believe these overlaps are useful for analyst awareness. Organizations' group definitions may partially overlap with groups designated by other organizations and may disagree on specific activity.įor the purposes of the Group pages, the MITRE ATT&CK team uses the term Group to refer to any of the above designations for a cluster of adversary activity. Some groups have multiple names associated with similar activities due to various organizations tracking similar activities by different names. Analysts track clusters of activities using various analytic methodologies and terms such as threat groups, activity groups, threat actors, intrusion sets, and campaigns. Groups are sets of related intrusion activity that are tracked by a common name in the security community.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |