This HUD is an interactive map of the MITRE ATT&CK Enterprise matrix — the industry reference for adversary tactics, techniques, and procedures (TTPs). The fourteen tactics around the core represent why an adversary acts; techniques represent how.
Two frameworks frequently confused. Both describe adversary progression, but they answer different questions:
• Click a tactic node for its strategic intent, an example, and the techniques it contains.
• Click a technique for platforms, observed threat actors, data sources, mitigations, and framework mappings (NIST CSF 2.0 + CIS v8).
• Query the Forensic Vault for a reference Sigma/KQL/SPL detection rule.
• Press ESC at any time to step back one level.