{"id":99884,"date":"2025-01-08T11:13:41","date_gmt":"2025-01-08T09:13:41","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?post_type=glossary&#038;p=99884"},"modified":"2025-01-08T11:53:12","modified_gmt":"2025-01-08T09:53:12","slug":"what-is-the-mitre-attck-framework","status":"publish","type":"glossary","link":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/","title":{"rendered":"What is the MITRE ATT&amp;CK framework?"},"content":{"rendered":"<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\"><strong>Summary<\/strong><\/h2>\n\n\n\n\n<blockquote>\n    <p>\u201cThe MITRE ATT&amp;CK framework is a powerful tool to support enterprises in understanding adversaries\u2019 tactics, techniques and procedures to better shore up security posture. This article answers the question, what is MITRE ATT&amp;CK framework, and how you can use the MITRE ATT&amp;CK matrix to support a robust AppSec strategy in your organization. \u201d <\/p>\n    <footer>\n            <\/footer>\n<\/blockquote>\n\n\n<p>MITRE ATT&amp;CK is an openly-accessible database which categorizes the methods that threat actors utilize to perform cyberattacks. The word ATT&amp;CK stands for Adversarial Tactics, Techniques and Common Knowledge, although you may hear it verbally or informally described as MITRE ATTACK. The MITRE ATT&amp;CK framework was developed in 2013 with the express purpose of improving enterprise ability to defend against cyber crime, and today it has become a crucial part of understanding and protecting against a wide range of threats.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-2\">What is the MITRE ATT&amp;CK Matrix?<\/h2>\n\n\n\n<p>The <a href=\"https:\/\/attack.mitre.org\/matrices\/enterprise\/#\">MITRE ATT&amp;CK matrix<\/a> is a grid that maps the relationships between attacker tactics and techniques. While every column is a tactic, each row points to associated techniques and sub-techniques. At a glance, security teams can see how attackers move through the different stages of an attack. Below you can see a small subset of information on tactics and techniques in the matrix.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"551\" height=\"672\" src=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg\" alt=\"MITRE ATT&amp;CK framework\" class=\"wp-image-99889\" srcset=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg 551w, https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework-246x300.jpg 246w\" sizes=\"(max-width: 551px) 100vw, 551px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-3\">Key Components of the MITRE ATT&amp;CK Matrix<\/h2>\n\n\n\n<p>There are three MITRE ATT&amp;CK matrices, tailored to their own domains, for enterprise, cloud and mobile. Within the matrix, you\u2019ll see the following elements:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Tactics: <\/strong>These cover the broad objectives an attacker may have, such as gaining initial access, execution tactics, and ways to achieve persistence in the target environment.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Techniques:<\/strong> Specific strategies used to achieve the objective, for example within persistence an attacker might create or modify a system process, while within initial access, a technique may be to use a valid account.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Sub-techniques: <\/strong>Here, MITRE includes detailed information on how a technique is implemented. For example, within the tactic of persistence, the technique may be account manipulation, and the sub-technique could be SSH authorized keys, or additional cloud roles.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Mitigations and detections:<\/strong> Against each technique, recommendations are included for defending against the technique, as well as identifying when threat actors are using this approach.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-4\">Challenges for Using the MITRE ATT&amp;CK Matrix<\/h2>\n\n\n\n<p><a href=\"https:\/\/cltc.berkeley.edu\/wp-content\/uploads\/2020\/10\/MITRE_ATTCK_Framework_Report.pdf\">Studies have shown<\/a> that more than 80% of enterprises use the MITRE ATT&amp;CK framework, but there are certain considerations that you should be aware of.&nbsp;<\/p>\n\n\n\n<p>Most importantly, the framework has an overwhelming scope to contend with, and covers hundreds of techniques and sub-techniques. It can be almost impossible to prioritize which ones matter the most, especially when keeping in mind your own business context. Some techniques will not be relevant for your organization or even your industry, and without understanding that \u2014 you may channel resources ineffectively. Ensuring you have a risk-based approach is crucial, as you can\u2019t cover it all.&nbsp;<\/p>\n\n\n\n<p>The matrix is also evolving all the time as threat actors change their behaviors and technology moves on at breakneck pace. It\u2019s a true challenge to keep up to date with changes as they occur.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-5\">How Do Companies Use the MITRE ATT&amp;CK Framework?<\/h2>\n\n\n\n<p>Despite these challenges, the MITRE ATT&amp;CK framework and its matrices are used to great effect to understand and combat cyber attacks across domains. Different cybersecurity teams will use MITRE ATT&amp;CK for varying purposes. For example, threat intelligence teams will leverage the MITRE ATT&amp;CK framework to document adversary TTPs and understand how threat actors operate, while defensive teams will map the activities they observe to specific techniques so that they can highlight gaps in their visibility or defense and accelerate incident response.<\/p>\n\n\n\n<p>Other use cases can include in red teaming, pen testing or threat simulations, where teams can use MITRE ATT&amp;CK as a playbook to emulate adversarial techniques and test organizations\u2019 defenses, or work as blue teams to rehearse responses to attacks that could occur in the wild.&nbsp;&nbsp;<\/p>\n\n\n\n<p>As a comprehensive database of adversarial tactics and techniques, MITRE ATT&amp;CK also allows organizations to evaluate how effective their security controls are and validate that they are protected against known attacks.&nbsp;<\/p>\n\n\n<script src=\"https:\/\/player.vimeo.com\/api\/player.js\"><\/script>\n<script src=\"https:\/\/www.youtube.com\/iframe_api\"><\/script>\n<div class=\"aticle-video-wrapper\">\n        <h3>Checkmarx Analytics: Swift and Effective AppSec<\/h3>\n    <div class=\"aticle-video-box\">\n                    <iframe width=\"913\" height=\"514\" src=\"https:\/\/www.youtube.com\/embed\/_L-Cf4q-_Kg?enablejsapi=1\" class=\"youtube-player\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n                <\/div>\n    <p>Stay ahead of the threats in a complex security landscape. Discover in this video how Checkmarx One can help you expose every vulnerability you face and then prioritize them. This ensures you cut through the alerts noise and take the actions that matter.<\/p>\n            <a href=\"https:\/\/checkmarx.com\/request-a-demo\/\" class=\"btn btn-2 btn-bg accent demo\">Get Your Custom Checkmarx One Demo!<\/a>\n        <\/div>\n<script>\n    \/\/ For youtube video only\n    var playerReady = false;\n    var player;\n\n    function onYouTubeIframeAPIReady() {\n        const iframe = document.querySelector('iframe.youtube-player');\n        if (!iframe) {\n            console.warn('Youtube player not found');\n            return;\n        }\n\n        player = new YT.Player(iframe, {\n            events: {\n                onReady: () => {\n                    playerReady = true;\n                }\n            }\n        });\n    }\n\n\n    document.addEventListener('DOMContentLoaded', () => {\n        let videoBtn = document.querySelector('.youtube-overlay-image-link');\n\n        if (!videoBtn) return;\n\n\n        videoBtn.addEventListener('click', (e) => {\n            e.preventDefault();\n            videoBtn.style.display = 'none';\n\n            if (!player || !playerReady) {\n                console.warn('The player isn\\'t ready yet');\n                return;\n            }\n\n            player.playVideo();\n\n        })\n    })\n<\/script>\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-6\">Using the MITRE Framework for Application Security<\/h2>\n\n\n\n<p>As well as all of these use cases and more, MITRE ATT&amp;CK can be invaluable for AppSec teams, helping to identify and prevent application layer-attacks that target APIs, web applications or microservices. Examples include:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Mapping AppSec threats: <\/strong>MITRE ATT&amp;CK can help organizations to identify where attackers are exploiting application vulnerabilities to escalate privileges, or where stolen credentials have been used to access sensitive APIs or databases. It can also support identification of remote services being exploited \u2014 where attackers target APIs or web services that are exposed.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Securing the SDLC<\/strong>: AppSec starts from the first line of code, and securing the Software Development Lifecycle (SDLC) is one of the main goals of an application security platform. MITRE ATT&amp;CK can help teams to identify which adversary techniques are relevant during code reviews, including input validation issues, poor authentication or exposed debug interfaces or endpoints. It can also support enhanced security testing through simulations, and promote secure-by-design applications by addressing the most common TTPs early and continuously.&nbsp;<\/li>\n\n\n\n<li>\n<strong>Improving prevention and incident response: <\/strong>By mapping application-related incidents to MITRE ATT&amp;CK techniques, teams can ensure faster root cause analysis in the event of an attack, and prioritize the vulnerabilities that matter in their environment ahead of time \u2014 those that are most likely to be exploited.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-7\">Best Practices for Using MITRE ATT&amp;CK in AppSec<\/h2>\n\n\n\n<p>As part of a <a href=\"https:\/\/checkmarx.com\/product\/application-security-platform\/\">robust application security platform, Checkmarx One<\/a> leverages techniques and tactics from the MITRE ATT&amp;CK matrix to deliver a threat-informed approach to application security.&nbsp;<\/p>\n\n\n\n<p>Checkmarx provides contextual insight into potential methods of exploitation, <strong>correlating vulnerabilities with specific ATT&amp;CK techniques,<\/strong> helping companies to prioritize remediation efforts and gain clarity on how vulnerabilities can be exploited.&nbsp;<\/p>\n\n\n\n<p>Using the comprehensive knowledge offered by the MITRE ATT&amp;CK framework, teams can <strong>perform security testing that is aligned with the threat landscape, configuring their automation to detect patterns and anomalies<\/strong> that suggest specific MITRE ATT&amp;CK techniques, enhancing their ability to detect and respond quickly.&nbsp;<\/p>\n\n\n\n<p>By leaning on the MITRE ATT&amp;CK matrix, <strong>this knowledge can also be integrated into training programs<\/strong> for security teams and developers, so that even those without a security background can gain hands-on experience in identifying techniques that are documented in the framework. It also<strong> facilitates clear communication <\/strong>between Development, Security and Operations teams through standardized terminology that\u2019s recognized industry-wide. In this way, organizations can promote #DevSecTrust across the organization.<\/p>\n\n\n<section class=\"section-block-info light-theme\">\n    <div class=\"main-wrapper block-info__wrapper\">\n        <div class=\"block-info center\">\n\t\t\t\n\t\t\t<h2 class=\"section-title article-anchor\" id=\"article-anchor-8\">Get Your Custom Checkmarx One Demo!<\/h2>\t\t\t<p class=\"section-description\">Get everything your enterprise needs to integrate AppSec across every stage of the SDLC and build a successful AppSec program.\r\n<\/p>\n\t\t\t<div class=\"actions\">\n\t\t\t\t        <a href=\"https:\/\/checkmarx.com\/product\/application-security-platform\/\" class=\"btn btn-2 btn-bg white demo\">Discover Checkmarx One<\/a>\n        \t\t\t\t\t\t\t<\/div>\n        <\/div>\n    <\/div>\n<\/section>\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-9\">A Final Word on MITRE ATT&amp;CK<\/h2>\n\n\n\n<p>By utilizing the MITRE ATT&amp;CK framework and its enterprise matrix, organizations can gain an understanding of the tactics, techniques and procedures of adversaries, and strengthen their own security posture in alignment. It gives a full view of the ways that attackers operate, and for application security professionals \u2014 can be a powerful way to coordinate and build defenses that prioritize the right vulnerabilities to ship resilient applications and secure the SDLC from the earliest stages.&nbsp;<\/p>\n\n\n\n<p>As attacks continue to evolve, using MITRE ATT&amp;CK proactively is crucial for staying ahead of the game. By using an AppSec platform like Checkmarx one, its insights are already embedded into the way you work, protecting your apps, data and ultimately your users from day one.<\/p>\n\n\n\n<p><a href=\"https:\/\/checkmarx.com\/request-a-demo\/\"><em>Speak to us about a demo of Checkmarx One.&nbsp;<\/em><\/a><\/p>","protected":false},"excerpt":{"rendered":"<p>Summary MITRE ATT&amp;CK is an openly-accessible database which categorizes the methods that threat actors utilize to perform cyberattacks. The word ATT&amp;CK stands for Adversarial Tactics, Techniques and Common Knowledge, although you may hear it verbally or informally described as MITRE ATTACK. The MITRE ATT&amp;CK framework was developed in 2013 with the express purpose of improving [&hellip;]<\/p>\n","protected":false},"author":92,"featured_media":0,"template":"","glossary-tags":[],"class_list":["post-99884","glossary","type-glossary","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What is the MITRE ATT&amp;CK framework? - Checkmarx<\/title>\n<meta name=\"description\" content=\"The MITRE ATT&amp;CK matrix or MITRE framework documents the methods that threat actors use during a cyber attack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is the MITRE ATT&amp;CK framework? - Checkmarx\" \/>\n<meta property=\"og:description\" content=\"The MITRE ATT&amp;CK matrix or MITRE framework documents the methods that threat actors use during a cyber attack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-08T09:53:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/\",\"url\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/\",\"name\":\"What is the MITRE ATT&amp;CK framework? - Checkmarx\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg\",\"datePublished\":\"2025-01-08T09:13:41+00:00\",\"dateModified\":\"2025-01-08T09:53:12+00:00\",\"description\":\"The MITRE ATT&CK matrix or MITRE framework documents the methods that threat actors use during a cyber attack.\",\"breadcrumb\":{\"@id\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg\",\"width\":551,\"height\":672,\"caption\":\"MITRE ATT&CK framework\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Glossary\",\"item\":\"https:\/\/checkmarx.com\/glossary\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is the MITRE ATT&amp;CK framework?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is the MITRE ATT&amp;CK framework? - Checkmarx","description":"The MITRE ATT&CK matrix or MITRE framework documents the methods that threat actors use during a cyber attack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/","og_locale":"en_US","og_type":"article","og_title":"What is the MITRE ATT&amp;CK framework? - Checkmarx","og_description":"The MITRE ATT&CK matrix or MITRE framework documents the methods that threat actors use during a cyber attack.","og_url":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2025-01-08T09:53:12+00:00","og_image":[{"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/","url":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/","name":"What is the MITRE ATT&amp;CK framework? - Checkmarx","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg","datePublished":"2025-01-08T09:13:41+00:00","dateModified":"2025-01-08T09:53:12+00:00","description":"The MITRE ATT&CK matrix or MITRE framework documents the methods that threat actors use during a cyber attack.","breadcrumb":{"@id":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/01\/MITRE-ATTCK-framework.jpg","width":551,"height":672,"caption":"MITRE ATT&CK framework"},{"@type":"BreadcrumbList","@id":"https:\/\/checkmarx.com\/glossary\/what-is-the-mitre-attck-framework\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Glossary","item":"https:\/\/checkmarx.com\/glossary\/"},{"@type":"ListItem","position":2,"name":"What is the MITRE ATT&amp;CK framework?"}]},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary\/99884","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/glossary"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/92"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary\/99884\/revisions"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=99884"}],"wp:term":[{"taxonomy":"glossary-tags","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary-tags?post=99884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}