Book a demo call with us
Cross icon
Concepts

TTP (Tactics, Techniques, and Procedures)

Tactics describe the high-level goals of an attacker, techniques describe how those goals are achieved, and procedures are the specific implementations used in a given attack. Understanding TTPs, as catalogued in frameworks like MITRE ATT&CK, allows SOC teams to detect sophisticated threats that don't match known signatures and to reason about attacker intent and next likely steps.

Want to help your analysts focus on the most critical alerts?

Book a demo

Other definitions

Zero-Day

A software vulnerability that is unknown to the vendor and has no available patch at the time it is discovered or exploited.

Read the full definition
Arrow right black

XDR (Extended Detection and Response)

An evolution of EDR that integrates telemetry and detection across multiple security layers into a unified platform.

Read the full definition
Arrow right black

Vulnerability

A weakness in a system, application, or network that could be exploited by an attacker to gain unauthorized access or cause harm.

Read the full definition
Arrow right black
Home
>
Glossary
>
TTP (Tactics, Techniques, and Procedures)
Qevlar AI
ProductIntegrationsSOC & Vulnerability
SolutionsPhishingNetworkIdentityCloud
For MSSPsFor Enterprise
Company
AboutBlogWhitepapersCareersFAQ
Legal
Terms and conditionPrivacy policy