ATT&CK Integration into VERIS

Project Summary

Published : Apr 6, 2023

This project updates and expands the translation layer between VERIS and ATT&CK allowing ATT&CK to describe the adversary behaviors that were observed in an incident coded in VERIS. These connections allow for joint analysis of the information that ATT&CK describes well alongside the incident demographics and metadata that VERIS describes well. 


Users of the VERIS data model lack a well-defined way to link incidents described in VERIS to the underlying adversary TTPs used in that incident.


Build and document a common and open method to link data in VERIS format to specific ATT&CK TTPs.


Empowers defenders to efficiently tie adversary TTPs to their real-world impact by connecting ATT&CK-based threat intel to VERIS-based incident reports. 

Funding Research Participants

Leadership Spotlight: 
Collaborative Leadership Driving Innovation


Hear directly from research participants about this project and why it matters. Learn how these leaders are changing the game on the adversary.

Share This Project

Stay Informed

Stay informed about new releases of R&D projects and other exciting updates from the Center for Threat-Informed Defense.