Live Active security incident? Get immediate response
MITRE ATT&CK® Dictionary

What is mitigation in MITRE ATT&CK®?

An ATT&CK mitigation is a defensive action or control that can reduce the likelihood or impact of one or more techniques. It is not a guarantee of coverage and should be validated against actual environments.

40-second answer

An ATT&CK mitigation is a defensive action or control that can reduce the likelihood or impact of one or more techniques. It is not a guarantee of coverage and should be validated against actual environments.

Glexia analyst context

How this term helps security teams

Glexia prioritizes mitigations by exploitability, business impact, telemetry maturity, and operational feasibility.

Common use cases

Where practitioners use this concept

  • Remediation planning
  • Security roadmap design
  • Control validation
Source and licensing

Source: MITRE ATT&CK®. © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation. Glexia is not affiliated with or endorsed by MITRE.

Official MITRE ATT&CK site Official STIX data repository MITRE ATT&CK terms of use