---
type: CKG Bundle
title: MITRE ATT&CK + Security Stack
tags: [Compliance & Security]
timestamp: 2026-06-18T00:00:00Z
ckg:
  id: mitre-attack
  nodes: 60
  license: CC BY 4.0
---

# MITRE ATT&CK + Security Stack — Compressed Knowledge Graph

```csv
ConceptID,ConceptLabel,TaxonomyID
1,MITRE ATT&CK (Enterprise),FOUND
2,Tactic: Reconnaissance,TACTIC
3,Tactic: Resource Development,TACTIC
4,Tactic: Initial Access,TACTIC
5,Tactic: Execution,TACTIC
6,Tactic: Persistence,TACTIC
7,Tactic: Privilege Escalation,TACTIC
8,Tactic: Defense Evasion,TACTIC
9,Tactic: Credential Access,TACTIC
10,Tactic: Discovery,TACTIC
11,Tactic: Lateral Movement,TACTIC
12,Tactic: Collection,TACTIC
13,Tactic: Command and Control,TACTIC
14,Tactic: Exfiltration,TACTIC
15,Tactic: Impact,TACTIC
16,Phishing (T1566),TECH
17,Spearphishing Attachment (T1566.001),TECH
18,Valid Accounts (T1078),TECH
19,Exploit Public-Facing App (T1190),TECH
20,Command & Scripting Interpreter (T1059),TECH
21,PowerShell (T1059.001),TECH
22,Scheduled Task/Job (T1053),TECH
23,Create or Modify System Process (T1543),TECH
24,OS Credential Dumping (T1003),TECH
25,LSASS Memory (T1003.001),TECH
26,Brute Force (T1110),TECH
27,Process Injection (T1055),TECH
28,Obfuscated Files or Info (T1027),TECH
29,Remote Services (T1021),TECH
30,Ingress Tool Transfer (T1105),TECH
31,Application Layer Protocol (T1071),TECH
32,Exfiltration Over C2 Channel (T1041),TECH
33,Data Encrypted for Impact (T1486),TECH
34,Mitigation: User Training (M1017),MIT
35,Mitigation: Multi-Factor Auth (M1032),MIT
36,Mitigation: Privileged Account Mgmt (M1026),MIT
37,Mitigation: Network Segmentation (M1030),MIT
38,Mitigation: Endpoint Behavior Prevention (M1040),MIT
39,Mitigation: Patch Software (M1051),MIT
40,Mitigation: Execution Prevention (M1038),MIT
41,Mitigation: Credential Protection (M1043),MIT
42,Mitigation: Data Backup (M1053),MIT
43,Detection: Process Creation,DET
44,Detection: Authentication Logs,DET
45,Detection: Network Traffic,DET
46,Detection: Command Execution,DET
47,Detection: File Monitoring,DET
48,CWE Weaknesses,XWALK
49,CWE-79 Cross-Site Scripting,XWALK
50,CWE-89 SQL Injection,XWALK
51,CWE-787 Out-of-Bounds Write,XWALK
52,CVE / CISA KEV Catalog,XWALK
53,OWASP Top 10,XWALK
54,OWASP LLM Top 10,XWALK
55,LLM01 Prompt Injection,XWALK
56,LLM06 Sensitive Info Disclosure,XWALK
57,Exploit-to-Weakness-to-CVE Crosswalk,XWALK
58,ATT&CK-to-D3FEND Crosswalk,XWALK
59,NIST 800-53 Control Mapping,XWALK
60,Embedded/IoT Hardware Attacks (link),XWALK
```

## Edges (prerequisite -> concept)
1 -> 2
1 -> 3
1 -> 4
1 -> 5
1 -> 6
1 -> 7
1 -> 8
1 -> 9
1 -> 10
1 -> 11
1 -> 12
1 -> 13
1 -> 14
1 -> 15
4 -> 16
16 -> 17
4 -> 18
6 -> 18
7 -> 18
8 -> 18
4 -> 19
5 -> 20
20 -> 21
5 -> 22
6 -> 22
7 -> 22
6 -> 23
9 -> 24
24 -> 25
9 -> 26
7 -> 27
8 -> 27
8 -> 28
11 -> 29
13 -> 30
13 -> 31
14 -> 32
15 -> 33
16 -> 34
18 -> 35
26 -> 35
18 -> 36
24 -> 36
29 -> 37
31 -> 37
27 -> 38
21 -> 38
19 -> 39
20 -> 40
28 -> 40
25 -> 41
33 -> 42
20 -> 43
21 -> 43
22 -> 43
18 -> 44
26 -> 44
35 -> 44
31 -> 45
32 -> 45
37 -> 45
21 -> 46
40 -> 46
28 -> 47
30 -> 47
1 -> 48
48 -> 49
48 -> 50
48 -> 51
19 -> 52
48 -> 52
1 -> 53
1 -> 54
54 -> 55
54 -> 56
19 -> 57
51 -> 57
52 -> 57
8 -> 58
38 -> 58
35 -> 59
36 -> 59
37 -> 59
1 -> 60

*Free CKG · Graphify.md · `pip install ckg-mcp` for all · own the knowledge layer, rent the model*