Welcome to the Cyber Analytics Repository
The Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the Adversary Tactics, Techniques, and Common Knowledge (ATT&CK™) adversary model.
Analytics stored in CAR contain the following information
- a hypothesis which explains the idea behind the analytic
- the information domain or the primary domain the analytic is designed to operate within (e.g. host, network, process, external)
- references to ATT&CK Techniques and Tactics that the analytic detexts
- the type of analytic
- a pseudocode description of how the analytic might be implemented
- a unit test which can be run to trigger the analytic
CAR is intended to be shared with cyber-defenders throughout the community. Check out the help page for an introduction to using CAR. See the Methodology page for more information on how CAR analytics are created. For questions regarding the use of the wiki software, consult the MediaWiki User's Guide.
Have a question? Contact us