Welcome to the Cyber Analytics Repository

From Cyber Analytics Repository
Jump to: navigation, search

The Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the Adversary Tactics, Techniques, and Common Knowledge (ATT&CK™) adversary model.

If you want to start exploring try viewing a list of all analytics or use the CAR Exploration Tool (CARET).

Analytics stored in CAR contain the following information

  • a hypothesis which explains the idea behind the analytic
  • the information domain or the primary domain the analytic is designed to operate within (e.g. host, network, process, external)
  • references to ATT&CK Techniques and Tactics that the analytic detexts
  • the type of analytic
  • a pseudocode description of how the analytic might be implemented
  • a unit test which can be run to trigger the analytic

CAR is intended to be shared with cyber-defenders throughout the community. Check out the help page for an introduction to using CAR. See the Methodology page for more information on how CAR analytics are created. For questions regarding the use of the wiki software, consult the MediaWiki User's Guide.

Have a question? Contact us