Name | Description |
Model | The model tactic is used to apply security engineering, vulnerability, threat, and risk analyses to digital systems. This is accomplished by creating and maintaining a common understanding of the systems being defended, the operations on those systems, actors using the systems, and the relationships and interactions between these elements. |
Harden | The harden tactic is used to increase the opportunity cost of computer network exploitation. Hardening differs from Detection in that it generally is conducted before a system is online and operational. |
Detect | The detect tactic is used to identify adversary access to or unauthorized activity on computer networks. |
Isolate | The isolate tactic creates logical or physical barriers in a system which reduces opportunities for adversaries to create further accesses. |
Deceive | The deceive tactic is used to advertise, entice, and allow potential attackers access to an observed or controlled environment. |
Evict | The eviction tactic is used to remove an adversary from a computer network. |