cti-ATT-CK-v13.1/enterprise-attack/x-mitre-tactic/x-mitre-tactic--c17c5845-175e-4421-9713-829d0573dbc9.json

{
    "type": "bundle",
    "id": "bundle--4f290fd7-4d6e-41e1-b08a-13d7969782e4",
    "spec_version": "2.0",
    "objects": [
        {
            "x_mitre_domains": [
                "enterprise-attack"
            ],
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
            "id": "x-mitre-tactic--c17c5845-175e-4421-9713-829d0573dbc9",
            "type": "x-mitre-tactic",
            "created": "2018-10-17T00:14:20.652Z",
            "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "external_references": [
                {
                    "external_id": "TA0007",
                    "url": "https://attack.mitre.org/tactics/TA0007",
                    "source_name": "mitre-attack"
                }
            ],
            "modified": "2019-07-19T17:44:13.228Z",
            "name": "Discovery",
            "description": "The adversary is trying to figure out your environment.\n\nDiscovery consists of techniques an adversary may use to gain knowledge about the system and internal network. These techniques help adversaries observe the environment and orient themselves before deciding how to act. They also allow adversaries to explore what they can control and what\u2019s around their entry point in order to discover how it could benefit their current objective. Native operating system tools are often used toward this post-compromise information-gathering objective. ",
            "x_mitre_version": "1.0",
            "x_mitre_attack_spec_version": "2.1.0",
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_shortname": "discovery"
        }
    ]
}