mitre-attack
Safeguard articles tagged "mitre-attack" — guides, analysis, and best practices for software supply chain and application security.
10 articles
Red team vs. blue team fundamentals: how to structure the exercise
MITRE ATT&CK went public in May 2015 to give red and blue teams a shared language — most organizations still run the two in total isolation.
Reverse shell attack mechanics and detection
Reverse shells flip the direction of the connection so outbound firewall rules never fire — here is how they work and the signals that catch them anyway.
Running internal CTFs to build real security skills on engineering teams
picoCTF drew 39,000 players in 2019 across 160 countries — proof that gamified security training scales. Here's how to run the same model internally.
Ethical hacking techniques, mapped to a responsible disclosure workflow
Recon, enumeration, exploitation, and privilege escalation aren't just attacker steps — Log4Shell's 15-day gap between private report and public exploit shows why each maps to a disclosure decision.
What is a Brute Force Attack
A brute force attack guesses credentials until one works. Learn how attackers execute it, real breach data, warning signs, and effective defenses.
Lateral movement
A precise breakdown of what lateral movement is, the MITRE ATT&CK techniques and pivoting methods attackers use, and how to detect them before they spread.
What is MITRE ATT&CK
MITRE ATT&CK catalogs real attacker behavior into 14 tactics and 200+ techniques. Here's how it works, how it differs from CVE/CWE, and how to use it.
What is a Kill Chain
What is a cyber kill chain? A staged breakdown of how attacks unfold, from Lockheed Martin's 7 stages to why supply chain attacks break the model.
MITRE ATT&CK v18: Detection Strategies Replace Data Sources
ATT&CK v18 released October 28, 2025, replacing traditional Detections (Data Sources) with Detection Strategies and Analytics. Here is how the model changes for defenders.
MITRE ATT&CK Meets SSDF: A Mapping
ATT&CK describes how adversaries operate; SSDF describes how to build software that resists them. Here's how to map adversary techniques to secure-development tasks so your threat model drives real engineering change.