{"ID":2890719,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2507.18037","arxiv_id":"2507.18037","title":"Your ATs to Ts: MITRE ATT\u0026CK Attack Technique to P-SSCRM Task Mapping","abstract":"The MITRE Adversarial Tactics, Techniques and Common Knowledge (MITRE ATT\u0026CK) Attack Technique to Proactive Software Supply Chain Risk Management Framework (P-SSCRM) Task mapping described in this document helps software organizations to determine how different tasks mitigate the attack techniques of software supply chain attacks. The mapping was created through four independent strategies to find agreed-upon mappings. Because each P-SSCRM task is mapped to one or more tasks from the 10 frameworks, the mapping we provide is also a mapping between MITRE ATT\u0026CK and other prominent government and industry frameworks.","short_abstract":"The MITRE Adversarial Tactics, Techniques and Common Knowledge (MITRE ATT\u0026CK) Attack Technique to Proactive Software Supply Chain Risk Management Framework (P-SSCRM) Task mapping described in this document helps software organizations to determine how different tasks mitigate the attack techniques of software supply ch...","url_abs":"https://arxiv.org/abs/2507.18037","url_pdf":"https://arxiv.org/pdf/2507.18037v1","authors":"[\"Sivana Hamer\",\"Jacob Bowen\",\"Md Nazmul Haque\",\"Chris Madden\",\"Laurie Williams\"]","published":"2025-07-24T02:14:00Z","proceeding":"cs.SE","tasks":"[\"cs.SE\",\"cs.CR\"]","methods":"[\"Generative Adversarial Network\"]","has_code":false}