Get MITRE ATT&CK Tactics
Retrieves a list of MITRE ATT&CK tactics.
Required Permissions
Requires the MEMBER role or higher.
HTTP Request
GET /api/sonar/mitre-attack/tactics
cURL Example
curl -H "Authorization: Bearer <API_KEY>" \
https://HOSTNAME/api/sonar/mitre-attack/tactics
Request Parameters
| Key | Required | Type | Description | Note |
|---|---|---|---|---|
| keywords | X | String | Search keyword |
Success Response
{
"total_count": 14,
"tactics": [
{
"mitre_id": "TA0001",
"name": "Initial Access",
"description": "The adversary is trying to get into your network.",
"url": "https://attack.mitre.org/tactics/TA0001",
"techniques": [
{
"mitre_id": "T1190",
"name": "Exploit Public-Facing Application"
}
]
},
{
"mitre_id": "TA0002",
"name": "Execution",
"description": "The adversary is trying to run malicious code.",
"url": "https://attack.mitre.org/tactics/TA0002",
"techniques": [
{
"mitre_id": "T1059",
"name": "Command and Scripting Interpreter"
}
]
}
]
}
- total_count (32-bit integer): Total number of tactics
- tactics (Array): Tactic list
- mitre_id (String): MITRE ATT&CK tactic ID
- name (String): Tactic name
- description (String): Tactic description
- url (String): MITRE ATT&CK official documentation URL
- techniques (Array): Associated technique list
- mitre_id (String): MITRE ATT&CK technique ID
- name (String): Technique name
Error Responses
This API always returns a success response. An empty array is returned when there are no search results.