MITRE ATT&CK® targets classifier

MITRE ATT&CK® is a knowledge base of attack tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.


For companies that start to implement Threat Intelligence and plan to use the MITRE ATT&CK framework, it could be interesting to focus first on tactics and techniques that have already been used against companies from the same domain (government, energy, research etc.), or against target that rely on the same infrastructure (Linux or Windows, on-premise or cloud etc.)

The classifier itself can be simple (keyword based) or more evolved (ML or AI based).


The goal of this project is to develop a classifier that can group and present the different information available on MITRE ATT&CK (tool, techniques, hacking group) according to the type of target (government, energy, research etc.), and also according to the type of infrastructure (Windows, Linux, on-premise, cloud etc.).

There are different possibilities to implement the classifier

Expected outcome

  • source code of the tool on our GitLab server
  • including basic testing (code style, unit testing)
  • 1 blog post
  • 1 poster
  • a project report documenting the code

Required skills

To start this project you should have some knowledge of programming language.

Tools and technologies

To achieve this project, you will use following tools and technologies:

  • use git to manage your source code
  • use GitLab to implement Continuous Implementation (CI)


Contact us

This website uses cookies. More information about the use of cookies is available in the cookies policy.