ID |
Name |
Description |
|---|---|---|
TA0001 |
Initial Access |
The adversary is trying to get into your network. |
TA0002 |
Execution |
The adversary is trying to run malicious code. |
TA0003 |
Persistence |
The adversary is trying to maintain their foothold. |
TA0004 |
Privilege Escalation |
The adversary is trying to gain higher-level permissions. |
TA0005 |
Defense Evasion |
The adversary is trying to avoid being detected. |
TA0006 |
Credential Access |
The adversary is trying to steal account names and passwords. |
TA0007 |
Discovery |
The adversary is trying to figure out your environment. |
TA0008 |
Lateral Movement |
The adversary is trying to move through your environment. |
TA0009 |
Collection |
The adversary is trying to gather data of interest to their goal. |
TA0010 |
Exfiltration |
The adversary is trying to steal data. |
TA0011 |
Command and Control |
The adversary is trying to communicate with compromised systems to control them. |
TA0040 |
Impact |
The adversary is trying to manipulate, interrupt, or destroy your systems and data. |
