
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is the most complete knowledge base of attacker tactics and techniques. MICAN.ro uses ATT&CK for Red Team, threat intelligence, and Purple Team exercises.

What is MITRE ATT&CK?

MITRE ATT&CK is a matrix of 14 tactics and 190+ documented techniques based on real attacker behavior (APT, ransomware, threat actors). Unlike other frameworks that describe WHAT to test, ATT&CK describes HOW attackers actually operate. Each technique entry includes a description, procedure examples (how real APT groups used it), detection guidance, and mitigations. ATT&CK covers Enterprise (Windows, Linux, macOS, Cloud), Mobile (Android, iOS), and ICS (industrial systems).

The 14 ATT&CK tactics

How do we use ATT&CK at MICAN.ro?

MICAN.ro uses MITRE ATT&CK for: Red Team Engagements (emulation of real APT behavior, e.g., APT29, Lazarus Group), Purple Team Exercises (detection testing for specific ATT&CK techniques), Gap Analysis (identifying techniques for which you have no detection), Threat Intelligence (mapping threat actors targeting your industry), and Reporting (each finding has ATT&CK IDs for reference). We deliver an ATT&CK Navigator heatmap showing which techniques we tested and which succeeded or failed.
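The gap analysis and Navigator heatmap described above can be sketched as follows. This is an added example, not MICAN.ro's tooling: the test results are constructed sample data, the scoring and colour scheme is hypothetical, and the output assumes the ATT&CK Navigator layer format 4.5.

```python
import json

# Constructed purple-team results (sample data, not from a real engagement).
# executed: the emulated technique ran on the target; detected: SIEM/EDR alerted.
RESULTS = [
    {"id": "T1566.001", "executed": True,  "detected": True},
    {"id": "T1059.001", "executed": True,  "detected": False},
    {"id": "T1003.001", "executed": False, "detected": True},
    {"id": "T1021.001", "executed": True,  "detected": False},
    {"id": "T1486",     "executed": False, "detected": False},
]

# Hypothetical scheme: (executed, detected) -> (score, colour, comment)
OUTCOMES = {
    (True, False):  (0,   "#e74c3c", "executed, not detected (gap)"),
    (True, True):   (50,  "#f1c40f", "executed, detected"),
    (False, False): (75,  "#3498db", "blocked, no alert raised"),
    (False, True):  (100, "#2ecc71", "blocked and detected"),
}

def detection_gaps(results):
    """Technique IDs that ran successfully without any detection."""
    return sorted(r["id"] for r in results
                  if r["executed"] and not r["detected"])

def build_layer(results, name="Purple Team results (constructed)"):
    """Return a Navigator layer dict with one entry per tested technique."""
    techniques = []
    for r in results:
        score, color, comment = OUTCOMES[(r["executed"], r["detected"])]
        techniques.append({"techniqueID": r["id"], "score": score,
                           "color": color, "comment": comment})
    return {"name": name, "versions": {"layer": "4.5"},
            "domain": "enterprise-attack", "techniques": techniques}

if __name__ == "__main__":
    print("Detection gaps:", detection_gaps(RESULTS))
    # Save this JSON to a file and open it in ATT&CK Navigator as a layer.
    print(json.dumps(build_layer(RESULTS), indent=2))
```

Techniques that were never tested do not appear in the layer, so an uncoloured cell in the heatmap means "no data", not "covered".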

Why is it important?

MITRE ATT&CK is the common language in the cybersecurity industry. Companies in Romania can use ATT&CK for: communication between Red Team and Blue Team, prioritizing detection investments (which techniques are most used?), validating EDR/SIEM (does it detect relevant techniques?), actionable threat intelligence. ATT&CK is integrated into: SIEMs (Splunk, Elastic), EDRs (CrowdStrike, SentinelOne), threat intelligence platforms, certifications (OSCP, GIAC).

ATT&CK usage benefits

Why MICAN.ro?

ATT&CK Enterprise
APT emulation
Purple Team
Navigator Heatmap
Gap analysis
Report with ATT&CK IDs