TTP
Tactics, Techniques, and Procedures
TTPs describe the behavior patterns of threat actors, from high-level goals (tactics) to specific methods (techniques) and detailed implementation steps (procedures). The MITRE ATT&CK framework organizes known adversary TTPs into a structured knowledge base.
How it is used in cybersecurity
Threat intelligence analysts map adversary TTPs to MITRE ATT&CK to profile threat groups and predict their next moves. SOC teams build detection rules that target specific techniques rather than relying solely on IOC signatures. Incident responders use TTP analysis to attribute attacks and understand the full scope of an intrusion.
Related glossary term: tactics techniques and procedures
The definitions are original explanations written for professional development purposes. For authoritative technical definitions, consult NIST, ISO, or the relevant standards body.