| MITRE ATT&CK | Table with Tactics and Techniques, see Alarms List View for more information. |
| Command and Control Top Assets | The command and control tactic represents how adversaries communicate with systems under their control within a target network. |
| Exfiltration Top Assets | Exfiltration refers to techniques and attributes that result or aid in the adversary stealing files and information from a target network. |
| Privilege Escalation Top Assets | Privilege escalation is the result of actions that allows an adversary to obtain a higher level of permissions on a system or network. |
| Lateral Movement Top Assets | Lateral movement consists of techniques that enable an adversary to access and control remote systems on a network. |
| Credential Access Top Assets | Credential access represents techniques resulting in access to or control over system, domain, or service credentials. |
| Discovery Top Assets | Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal network. |
| Defense Evasion Top Assets | Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses. |
| Persistence Top Assets | Persistence is any access, action, or configuration change to a system that gives an adversary a persistent presence on that system. |
| Execution Top Assets | The execution tactic represents techniques that result in execution of adversary-controlled code on a local or remote system. |
| Collection Top Assets | Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. |
| Initial Access Top Assets | The initial access tactic represents the vectors adversaries use to gain an initial foothold within a network. |
