Look folks, MITRE's ATT&CK Matrix is great... but did you know there are firms (and attackers) who do stuff that's not on the matrix?
Also, if you really do have 100% coverage, that's great... but please understand that within each technique there's nearly an infinity of options on how to obfuscate or hide.
MITRE has repeatedly stated that ATT&CK is NOT a checklist. Those of you who are treating it as such are going to be in for some VERY rude reality checks at some point in the future.
I think ATT&CK is great. Use it, but don't over-use it. It's a community consensus project. It's not holy text carved into some stone tablets.
I think MITRE is awesome. You should check out CWE. That's a project that the community SHOULD be focusing on SO SO SO SO much more. If you're looking for something closer to a checklist... CWE is what you really want.
cwe.mitre.org
I'll just finish this rant with this. MITRE's ATT&CK is great. Use it. But don't think that it'll save you. It's a thought pattern... it's a common set of terms... it is NOT a path to certain victory... but used correctly it can and should improve your security posture.