Changelog


7 January 2021

ATT&CK Website version 3.5.0

Improvements

  • Updated ATT&CK Navigator and layer versions. See issue #343.

24 November 2021

ATT&CK Website version 3.4.3

Fixes

  • Fixed footer on tactic list pages. See issue #339.
  • Fixed table scrolling on technique and tactic list pages.
  • Fixed deprecation marker on tactic list pages for deprecated domains.

10 November 2021

ATT&CK content version 10.1

This minor release includes the following bugfixes:

Techniques

Enterprise

Technique changes:

Minor Technique changes:

Mobile

Minor Technique changes:

Software

Enterprise

Minor Software changes:

Software deprecations:

Mobile

Minor Software changes:

Groups

Enterprise

Minor Group changes:

Data Sources and/or Components

Enterprise

Minor Data Source and/or Component changes:

Contributors to this release

  • Center for Threat-Informed Defense (CTID)
  • Hiroki Nagahama, NEC Corporation
  • Lior Ribak, SentinelOne
  • Manikantan Srinivasan, NEC Corporation India
  • Pooja Natarajan, NEC Corporation India

ATT&CK website version 3.4.2

Improvements

  • Added deprecation card to deprecated mitigations, groups, and software as already observed in deprecated techniques.

Fixes

  • Fixed an issue where release notes were incorrectly linking data source pages.

27 October 2021

ATT&CK website version 3.4.1

Improvements

  • Minor UI readability improvement to toolbar that displays ATT&CK content and website version.
  • Added random query string to site.js to prevent that file from being cached between releases.
  • ATT&CK in Excel only creates hyperlinks to documents that were created by attackToExcel.py.

Fixes

  • Fixed an issue where deprecated and revoked sub-techniques could appear on matrices.

21 October 2021

ATT&CK content version 10.0

See the release notes here.

ATT&CK website version 3.4.0

Improvements

  • Added support for data sources and data components. See issue #321.
    • Added data sources pages that may be found under /datasources/DS####
    • Updated technique pages by moving data source mappings to detection section
  • Improved side navigation elements:
    • Side-navs now scroll independently of the main page contents, making it easier to work with long pages.
    • The side-nav title (e.g "mitigations") will now stay in the view when scrolled.
    • The side-nav will now scroll to the active page link when initialized.
  • Added definitions to technique, tactic, mitigation list pages.
  • Improved supports remote definition for techniques.

Fixes

  • Fixed dockerfile to not fail due to test warning. See issue #326.
  • Fixed build from crashing when a technique does not have a defined platform. See issue #329.
  • Fixed build from crashing when a tactic does not have defined techniques. See issue #73.
  • Fixed build from crashing when an object that supports references does not have a defined reference. See issue #321.

1 July 2021

ATT&CK website version 3.3.1

Improvements

  • Updated docs to clarify that both STIX 2.0 and STIX 2.1 input data is supported. See issue #317.
  • Updated privacy policy.

Fixes

  • Hyperlinks in matrices will no longer direct users to attack.mitre.org on custom instances of the site. See issue #319.

30 June 2021

ATT&CK website version 3.3.0

Improvements

  • Improved usability of matrix side layout to better differentiate tactic columns. See issue #273.
  • Improved matrix layout selection to include layout in dropdown title. See issue #277.
  • Added links to tactics in the technique information card. See issue #288.
  • Updated the working with ATT&CK page to mention ATT&CK Workbench and STIX 2.1 support.
  • Updated matrix poster to most recent version of ATT&CK.

Fixes

  • Moved and renamed redirections module to main modules. Prevents broken hyperlinks from revoked objects that would appear when running the build without the optional --extras flag. See issue #278.
  • Fixed broken links on the Getting Started page. See issue #281.
  • Updated Dockerfile to build from Ubuntu 20.04 LTS. See issue #312.

16 June 2021

ATT&CK website version 3.2.3

Improvements

  • Added support for deprecated relationships, software and groups. Deprecated relationships, software and groups will not appear on the website UI but can be added to STIX bundles. See issue #302 and #305.
  • Added support for input data with more than one object with the same STIX or ATT&CK ID which can occur if there are multiple versions of the object present in the data. Website will display the most recently modified object depending on the deprecation status. See issue #304.
  • Sorted sub-techniques by ATT&CK ID on Techniques Used tables. See issue #314.

Fixes

  • Fixed Dockerfile which would not run on the current website version. See issue #313.
  • Fixed some issues where objects would appear in the wrong domain under specific circumstances. See issue #310.

20 May 2021

ATT&CK website version 3.2.2

Improvements

  • Improved testing of external links to report all instances of non-200 responses (instead of just 404 responses) and provide better reporting on the results of the test.

Fixes

  • Added missing groups excel in the ATT&CK in Excel section of Working with ATT&CK.
  • Fixed CTI training ticket number 4473845 -> 473845. See issue #296.

29 April 2021

ATT&CK Content version 9.0

See release notes here.

ATT&CK website version 3.2.1

Fixes

  • Removing duplicate "Command: Command Execution" data source from (sub-)techniques.

ATT&CK website version 3.2.0

Improvements

  • Replaced GCP, AWS and Azure platforms with Infrastructure-as-a-Service (IaaS). See issue #276.
  • Added Google Workspace platform to Cloud platform list.
  • Added Containers platform to enterprise platform list.
  • Add support for STIX 2.1.
    • note SDOs will now be rendered on object pages when present in the STIX data.
  • Improved configuration allowing user to pull data from any HTTP endpoint instead of relying on data stored in the repository. Configuration of data endpoints can be found in modules/site_config.py. See issue #139.
  • Added tooltips describing fields to the card on object pages. See issue #148.
    • Added to fields on technique pages: Tactics, Platforms, System Requirements, Permissions Required, Effective Permissions, Data Sources, Supports Remote, Defense Bypassed, Impact Type, CAPEC ID, and MTC ID.
    • Added to field on group pages: Associated Groups.
    • Added to fields on software pages: Associated Software, Type, and Platforms.
  • Added generation of Navigator layers for mitigations, and updated navigator layer version to 4.2. See issue #234.
  • Added ATT&CK IDs to Mitigations and Procedure Examples on technique pages, and software and group home pages. See issues #235 and #236.
  • Improved the Working with ATT&CK page with additional information about ATT&CK data and the tools with which it can be manipulated. The new page also includes generated Excel spreadsheets representing the ATT&CK knowledge base (see also mitreattack-python's attackToExcel converter). See issue #142.
  • Data sources in technique cards are now hyperlinks to the attack-datasources GitHub repository.

Fixes

  • Fixed a bug with automatic redirection generation which was causing some redirects to build in the wrong directory.

23 March 2021

ATT&CK website version 3.1.1

Improvements

  • Updated ATT&CKcon page with ATT&CKcon Power Hour.

27 January 2021

ATT&CK Content version 8.2

ATT&CK version 8.2 contains new reporting for the activity related to the SolarWinds supply chain injection.

New Techniques:

Technique changes:

New Software:

New Groups:

ATT&CK website version 3.1

Improvements

  • Updated Navigator layers to version 4.1 so that users are no longer warned that they are out of date.
  • Updated introductory video on getting started page.

12 November 2020

ATT&CK Content version 8.1

Fixes

  • Fixed typo "stressor" to "stresser"
  • Fixed type and version for S0154
  • Fixed contributors for T1598, T1598.001, T1598.002, T1598.003, and S0514

Additions

  • new reporting and procedure examples for G0102

27 October 2020

ATT&CK Content version 8.0

See release notes here.

ATT&CK Website version 3.0

Improvements

  • Added a link on the home page that takes the user to a random page within a specified category. See issue #98.
  • Base template does not get overwritten when site configuration data changes. See issue #147.
  • STIX cleaning code is now moved into macro. References are now sorted in order of appearance. See issue #161.
  • The tour is generated through an independent module and steps are chosen depending the available modules. See issue #166.
  • Modules and test arguments are now required if flags are presented. See issue #177.
  • The search index is now loaded from cache (when available), resulting in faster search loading for most browsers. See issue #167.
  • Updated website dependencies. See issue #181.
  • Matrix layouts on the home page and matrices page now persist across pages and sessions. See issue #165.
  • Added Network matrix. See issue #230.
  • Removed PRE-ATT&CK domain to support migration into the new tactics in Enterprise-ATT&CK; see the PRE matrix for the replacing tactics. See issue #222.
  • Added PRE matrix. See issue #251.
  • Website built by users are visually distinct from attack.mitre.org unless brand flag is added as an argument. See issue #240.
  • Website is built without specific related ATT&CK content such as resources, contribute, and blog unless specified. See issue #241.

Fixes

  • Fixed bug where bootstrap dropdown menu buttons require two clicks to open the first time they are opened. See issue #152.
  • Fixed subdirectory support for navigator links on groups and software pages. See issue #170.
  • Fixed typo on the Training page. See issue #180.
  • Fixed (for most scenarios) slow loading of the search index when using Firefox. See issues #167 and #187.
  • Fixed versioning feature ran under a subdirectory. See issue #200.

8 August 2020

ATT&CK Website version 2.1.4

Improvements

  • Updated roadmap and matrix poster on the resources page. See issue #255.

6 August 2020

ATT&CK Website version 2.1.3

Improvements

  • Added note on the CTI training page to indicate that ATT&CK v6 should be used instead of ATT&CK v7. See issue #221.

15 July 2020

ATT&CK Content version 7.2

This minor release includes the following bugfixes:

13 July 2020

ATT&CK Content version 7.1

This minor release includes the following bugfixes:

Change About
Removed the relationship Dark CaracalPallas from enterprise-attack Relationship moved to mobile
Removed the relationship Bouncing GolfGolfSpy from enterprise-attack Relationship moved to mobile
Removed the group Bouncing Golf from enterprise-attack Group should be mobile only (was previously in both domain bundles)
Added the relationship Dark CaracalFinFisher to mobile-attack Relationship was only present in enterprise, but since both objects are in both domains the relationship should be duplicated across bundles.
Added the relationship Dark CaracalPallas to mobile-attack Relationship moved from enterprise
Added the relationship Bouncing GolfGolfSpy to mobile-attack Relationship moved from enterprise

ATT&CK Website version 2.1.2

Improvements

Fixes

  • Corrected the end date of v6 in the preserved version, on the Versions of ATT&CK page, and v6 release notes. See issue #204.
  • Removed links to the /beta/ website from the changelog and March 2020 release notes. See issue #205.
  • Updated the broken citation tests to catch malformed citations where Citation: is not followed by a space. See issue #209.
  • Fixed bug where the "Versions of ATT&CK" segment of the tour would loop instead of sending the user back to the site index. See issue #203.
  • Fixed the preserved v6 and v3 versions of the site so that the search interface doesn't send the user to the current site when they click on links. See issue #215.
  • Fixed a typo on the enterprise matrices.

8 July 2020

ATT&CK Content version 7.0

See release notes here.

ATT&CK Website version 2.1.1

Improvements

  • Improved matrix page header layout with versioning feature. See issue #190.
  • Added versioning feature to tour. See issue #191.

Fixes

  • Fixed number of tactics displayed on tactics overview pages. See issue #183.
  • Fixed objects without descriptions not showing up on techniques used tables. See issue #186.
  • Fixed a bug where contributor lists were delimited with commas instead of semicolons on group and software pages. See issue #196.

ATT&CK Website version 2.1

New Features

  • Added tooltips to all matrices to show tactic IDs, technique IDs, and sub-technique IDs when hovering over tactic names, technique names, and sub-technique names. See issue #120.

Improvements

  • The site is now easier to rebrand; color themes and logos can now be changed with simple modifications to the site code. See issue #80.
  • Added horizontal scroll indicators to matrices so that it's easier to tell when there's more to the left or right. See issue #93.
  • The website tour route is now generated dynamically, allowing the site to adapt the tour to custom STIX content. See issue #110.
  • Added Navigator layers to the changelog of the sub-techniques update. See issue #126.
  • Updated contribute page. See issue #162.

Fixes

  • Added internet explorer support for the sub-techniques matrix. Improved behavior of sub-techniques matrix in Edge browser. See issue #114.
  • Fixed bug where sidenav wouldn't open the correct tactic when opening the sub-technique of a technique. See issue #78.
  • Fixed bug where contributors wouldn't appear in search. See issue#150.
  • Added horizontal scroll indicators to matrices so that it's easier to tell when there's more to the left or right. See issue #93.
  • Fixed sizing of homepage twitter card for better mobile device compatibility. See issue #92.
  • Fixed a crash that occurred when building the site with mitigations that have no relationships with techniques. See issue #153.
  • Fixed outdated ATT&CK Navigator link on the contact page. See issue #143.
  • Updated incorrect technique count on March 2020 update. See issue #141.

March 31, 2020

ATT&CK Website version 2.0

New Features

  • Added sub-techniques.
    • Added pages for sub-techniques. Sub-technique pages are found under their parent technique, e.g /techniques/T####/###. Sub-technique names and IDs are prefixed with that of their parent technique. Otherwise they are largely formatted like techniques. See issue #23.
    • Added sub-technique listing card to techniques with sub-techniques. See issue #24.
    • Updated techniques used/mitigated lists to differentiate sub-techniques and techniques. See issue #25.
    • Added sub-techniques to side-navigation and technique/tactic lists. See issue #26.
    • Updated FAQ with sub-technique information. See issue #41.
    • Updated ATT&CK Matrix layout to support sub-techniques.
      • Two layouts of the matrix are available:
        • the "side" layout (default), where sub-techniques appear in an adjacent sub-column of the tactic.
        • the "flat" layout, where sub-techniques appear nested beneath their parent similar to an indented list. The control to toggle between them appears only when sub-techniques are present in the matrix.
      • Sub-techniques can be hidden and shown under their parent by clicking the gray sidebar.
      • Show-all / hide-all buttons were added to show/hide all sub-techniques. See issue #43.
      • Added "help" button to matrices which plays the matrix portion of the sub-technique tour. See issue #28.
    • Added sub-technique support for technique usage ATT&CK Navigator layers on group and software pages. See issue #29.
  • Added the "take a tour" feature. The tour feature guides the user through the sub-technique changes. Click "take a tour" on the homepage or follow this link to start the tour automatically. See issue #28.

Improvements

  • Improvements to deprecated techniques. See issue #116.
    • Page content except for the deprecation warning now omitted to discourage continued use
    • Now hidden from search (both ours and search engines')
    • No longer found in technique lists, etc
  • ATT&CK Archives now allows for archived versions to be "retired." Retired versions are removed from the /previous/ directory and replaced with links to the raw data and HTML. See issue #102.
  • Lists within data cards, e.g the platforms of a technique, are now in alphabetical order. See issue #84.
  • Matrix timestamps are now calculated from the modified date on the x-mitre-matrix STIX object. Additionally, said timestamps are now formatted the same as modified dates on other pages of the website. See issue #27.
  • Revisions to the layout of the matrix pages to improve readability when multiple matrices occur within a domain.

ATT&CK Content version 7.0-beta

See release notes here.

17 June 2020

ATT&CK Website version 1.3.1

Fixes

  • Fixed navigator links on groups and software pages that were repeating the domain on the URI. See issues #169 and #192.

10 June 2020

ATT&CK Website version 1.3

This update includes a major refactor of the ATT&CK catalog versioning system, previously referred to as "previous versions."

  • Versions have been moved from /previous/monthYear to /versions/v# which should be more predictable and consistent with the way the versions are referred to elsewhere. Redirects have been created so that users who bookmarked the old URLs will get sent to the new ones. See issue #174.
  • Added a permalink to the current version of the site. See issue #175.
    • Current version is preserved alongside other versions in /versions/.
    • Object pages on the live website now have a "version permalink" leading to a frozen version of that page.
    • Permalink and previous versions now have a "live version" link leading to the most recent version of that page.
  • Revised the version list. Find the new version list on the Versions of ATT&CK page, which replaced the "previous versions" page.
    • Now formatted as an easy to read table.
    • Added links to the data on MITRE/CTI for each version.
    • Revised blurb on how versions work to explain our methodology behind the catalog version numbers and versioning system.
  • Updated past release notes to mention the version number for each release.

31 March 2020

The sub-techniques beta is now live! Read the release blog post for more details.

Changes

  • Added sub-techniques release announcement banner.
  • Added sub-techniques release docs

9 March 2020

ATT&CK Content version 6.3

Fixes

  • Fixed typo in M1026.
  • Updated copyright statement marking-definition to match that on https://attack.mitre.org.
  • Fixed invalid bundle IDs on marking-definition objects.

6 March 2020

ATT&CK Website version 1.2.4

Fixes

  • Minor revision to the ATT&CK logo.

4 March 2020

ATT&CK Website version 1.2.3

Improvements

  • Updated trademark language. See issue #54.
  • Updated ATT&CK™ to ATT&CK®. See issue #55.
  • Update wordmarks to have ® instead of ™. See issue #56.
  • Updated "How Should I reference the name ATT&CK" in FAQ. See issue #57.
  • Updated copyrights to 2020. See issue #58.
  • Updated README. See issue #59.

20 February 2020

ATT&CK Website version 1.2.2

Fixes

  • Added redirects to for matrix poster and roadmap. See issue #85

18 February 2020

ATT&CK Website version 1.2.1

Improvements

Fixes

  • Fixed PRE-ATT&CK side-navigation toggle on tactics and techniques. See issue #81.

17 February 2020

ATT&CK Website version 1.2

New Features

  • Added Docker support, enabling users to easily build and host a docker container of the ATT&CK Website. See issue #17.
  • Added configuration options to specify url of attached ATT&CK Navigator instance. See issue #18.
  • Added the ability to configure site to be hosted from a subdirectory. See issue #15.

Improvements

  • Added talks and links to videos to the General Information page.
  • Updated navigation drawer on technique, tactic, and mitigation pages to make domains more accessible. See issue #53.
  • Major overhaul of site search UI. See issue #4.

Fixes

  • Sticky footer should be less temperamental when the page resizes. See issue #51.

7 January 2020

ATT&CK Website version 1.1.1

Improvements

3 January 2020

ATT&CK Website version 1.1

New Features

  • Added created and last modified dates to object pages. See issue #38.
  • Added ATT&CK training to website. See issue #22.

Improvements

  • Improved maintainability of ATT&CKcon page and added ATT&CKcon 2.0 content. See issue #19.
  • Improved maintainability of FAQ page, and added FAQ entries for sub-techniques and the relationships of ATT&CK and other models. See issues #30, #41.
  • Added website and content version number to the footer. See issue #10.
  • Added changelog page to website reachable by version number link in the footer.

5 December 2019

ATT&CK Website version 1.0.4

Fixes

  • Fixed a typo in the software side-navigation header. See issue #39.

2 December 2019

ATT&CK Website version 1.0.3

Improvements

  • Updated roadmap to latest version. See issue #31.

ATT&CK Content version 6.2

Fixes

  • Updated contributors for T1036 and T1497.

25 November 2019

ATT&CK Website version 1.0.2

Fixes

  • Removed google analytics and google-site-verification from source code. See issue #11.

22 November 2019

ATT&CK Website version 1.0.1

Fixes

  • Fixed incorrect initial state for the side-navigation on the cloud matrix page. See issue #8.

21 November 2019

ATT&CK Website version 1.0

This is the initial release of the website source code.

ATT&CK Content version 6.1

Fixes

  • Fixed missing external_reference value in Office Application Startup (T1137).

24 October 2019

ATT&CK Content version 6.0

See release notes here.