{"id":31816615,"url":"https://github.com/splunk/macro-level-attack-trending","last_synced_at":"2026-02-18T18:02:03.176Z","repository":{"id":64722321,"uuid":"567773562","full_name":"splunk/macro-level-attack-trending","owner":"splunk","description":"Aggregated ATT\u0026CK technique reporting data. Presented at Splunk GovSummit December 2022","archived":false,"fork":false,"pushed_at":"2025-01-22T17:04:45.000Z","size":9152,"stargazers_count":14,"open_issues_count":0,"forks_count":3,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-01-22T18:19:55.347Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/splunk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-18T14:45:09.000Z","updated_at":"2025-01-22T17:04:49.000Z","dependencies_parsed_at":"2024-09-09T17:15:45.023Z","dependency_job_id":"d7780c86-6fa7-47c3-b007-56a3b266cfb7","html_url":"https://github.com/splunk/macro-level-attack-trending","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/splunk/macro-level-attack-trending","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/splunk%2Fmacro-level-attack-trending","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/splunk%2Fmacro-level-attack-trending/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/splunk%2Fmacro-level-attack-trending/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/splunk%2Fmacro-level-attack-trending/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/splunk","download_url":"https://codeload.github.com/splunk/macro-level-attack-trending/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/splunk%2Fmacro-level-attack-trending/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279006747,"owners_count":26084185,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-11T02:00:06.511Z","response_time":55,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-11T09:57:13.803Z","updated_at":"2025-10-11T09:57:14.873Z","avatar_url":"https://github.com/splunk.png","language":null,"readme":"# macro-level-attack-trending\nPOC: rfetterman@splunk.com \u003c/br\u003e\u003c/br\u003e\nThis repo contains Aggregated ATT\u0026amp;CK technique reporting data. This work was presented at Splunk GovSummit 2022, and RSA 2023 (\u003ca href=\"https://www.rsaconference.com/Library/presentation/USA/2023/Threat%20Informed%20Planning%20with%20Macrolevel%20ATTCK%20Trending\"\u003e\"Threat-Informed Planning\"\u003c/a\u003e). \n\n\u003cb\u003eLast Updated:\u003c/b\u003e Sept 9, 2024\n\n\u003ch3\u003eLink to Blogs:\u003c/h3\u003e \n\n- 2024: https://www.splunk.com/en_us/blog/security/macro-att-ck-2024-a-five-year-perspective.html\u003c/br\u003e\n- 2023: https://www.splunk.com/en_us/blog/security/revisiting-the-big-picture-macro-level-att-ck-updates-for-2023.html\u003c/br\u003e\n- 2022: https://www.splunk.com/en_us/blog/security/zoom-enhance-finding-value-in-macro-level-att-ck-reporting.html\u003c/br\u003e\u003c/br\u003e\n\n\nPrivate Sector Yearly Threat Intelligence Reporting Sources:\n- Mandiant M-Trends (2020-2024), \n- Red Canary Threat Reports (2020-2024), \n- Center for Threat Informed Defense (CTID) – ATT\u0026CK Sightings Project (2022, 2024)\n\nPublic Sector Threat Intelligence Reporting Sources:\n- CISA National Cyber Awareness System – Alerts (2020-2024)\n\n![image](scatter_2024.png)\n\n### License\n\nCopyright 2023 Splunk Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\"); \nyou may not use this file except in compliance with the License. \nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, \nsoftware distributed under the License is distributed on an \"AS IS\" BASIS, \nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and limitations under the License.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsplunk%2Fmacro-level-attack-trending","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsplunk%2Fmacro-level-attack-trending","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsplunk%2Fmacro-level-attack-trending/lists"}