MITRE ATT&CK Matrix in ETM

The MITRE ATT&CK Matrix is a framework created by the non-profit organization MITRE. It helps organizations understand and respond to cyber attacks by describing how attackers behave. This tool gives the cybersecurity community a common way to talk about and analyze threats so they can better protect against them.

Using the Qualys-provisioned Enterprise MITRE ATT&CK Matrix, you can identify gaps in your security architecture, instantly contain the threat, and protect your organization from new attacks.

Components of the ATT&CK Matrix

Before proceeding, familiarize yourself with the following MITRE ATT&CK terms.

  • Adversaries

    These are individuals or groups trying to break into or attack systems. They are the attackers that the MITRE ATT&CK framework studies and classifies.

  • Tactics (Understanding the Motives Behind Attacks)

    Tactics describe what attackers want to achieve at each stage of an attack. Each tactic corresponds to a specific part of the attack process. Examples include gaining initial access, running code, gaining higher privileges, and avoiding detection.

  • Techniques (Understanding Attack Methods)

    Techniques explain the specific methods that attackers use to carry out a tactic. Each technique shows how they reach their goals and may include variations known as sub-techniques.

    For example, when an attacker uses a general technique such as Phishing, there are multiple specific ways to carry it out. These variations are called sub-techniques in the MITRE ATT&CK framework.

    Technique: Phishing (T1566)

    Phishing is a broad method where attackers attempt to deceive users into revealing sensitive information or performing an action that benefits the attacker, such as downloading malware.

  • Common Knowledge

    This refers to the documented ways that attackers use different tactics and techniques. It includes real-life examples and patterns of attacker behavior gathered by MITRE.

  • Risk Findings

    These are threats or vulnerabilities identified in the MITRE ATT&CK Matrix within ETM. This information helps you decide which risks to tackle first, based on how likely attackers are to take advantage of them.

List of MITRE ATT&CK Tactics and Techniques

Currently, there are 14 Tactics and more than 150 Techniques. To learn more about each tactic and technique, refer to the MITRE ATT&CK webpage.

MITRE ATT&CK Matrix in Qualys ETM

The ETM application presents the MITRE ATT&CK framework in matrix form, populated from vulnerabilities and misconfigurations. The MITRE ATT&CK Matrix in the ETM application's Risk Management tab shows a detailed view of Tactics and Techniques.
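As an added illustration (not Qualys code and not an ETM export), the following Python models the roll-up described above and in the Techniques and Risk Findings sections: constructed risk findings tagged with ATT&CK technique IDs are grouped by parent technique and tactic, ranked by likelihood, and compared against the four tactics named earlier to show which cells have no findings. The technique IDs T1059 and T1068 and the sub-technique IDs under T1566 come from the public ATT&CK catalog; the asset names and likelihood scores are constructed.

```python
from collections import defaultdict

# Tactic membership for a handful of public ATT&CK techniques (constructed lookup,
# not an ETM export). ETM maintains the full 14-tactic matrix; this example uses
# only the four tactics named in the text above.
TACTIC_OF_TECHNIQUE = {
    "T1566": "Initial Access",        # Phishing
    "T1059": "Execution",             # Command and Scripting Interpreter
    "T1068": "Privilege Escalation",  # Exploitation for Privilege Escalation
}
ALL_TACTICS = ["Initial Access", "Execution", "Privilege Escalation", "Defense Evasion"]

# Constructed risk findings: asset names and likelihood scores are made up.
FINDINGS = [
    {"asset": "mail-gw-01", "technique": "T1566.001", "likelihood": 0.8},
    {"asset": "web-01",     "technique": "T1566.002", "likelihood": 0.6},
    {"asset": "build-07",   "technique": "T1059",     "likelihood": 0.5},
    {"asset": "build-07",   "technique": "T1068",     "likelihood": 0.9},
]


def parent_technique(tid):
    """Reduce a sub-technique ID such as T1566.001 to its parent technique T1566."""
    return tid.split(".")[0]


def build_matrix(findings):
    """Return {tactic: {parent technique: [finding, ...]}}; unknown IDs land in 'Unmapped'."""
    matrix = defaultdict(lambda: defaultdict(list))
    for f in findings:
        parent = parent_technique(f["technique"])
        tactic = TACTIC_OF_TECHNIQUE.get(parent, "Unmapped")
        matrix[tactic][parent].append(f)
    return matrix


def prioritize(findings):
    """Rank matrix cells by the highest likelihood seen in each; ties fall back to name."""
    cells = []
    for tactic, techniques in build_matrix(findings).items():
        for tech, fs in techniques.items():
            cells.append((max(f["likelihood"] for f in fs), tactic, tech, len(fs)))
    return sorted(cells, reverse=True)


def uncovered_tactics(findings, tactics=ALL_TACTICS):
    """Tactics from the reference list with no findings at all (empty matrix columns)."""
    covered = set(build_matrix(findings))
    return [t for t in tactics if t not in covered]


if __name__ == "__main__":
    for score, tactic, tech, count in prioritize(FINDINGS):
        print(f"{score:.1f}  {tactic:<20} {tech}  ({count} finding(s))")
    print("no findings for:", uncovered_tactics(FINDINGS))
```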

To know the details of this feature, go to Prioritization using MITRE ATT&CK Matrix.