CAPEC provides a detailed structure for reproducing realistic attack scenarios, making it a valuable resource for simulations. Each pattern describes the prerequisites, execution steps, targets, attack vectors, and potential attacker objectives. This allows security teams to design well-defined red teaming or threat modeling exercises.
For example, a tester can choose a CAPEC pattern for a brute-force attack on a network service and use it as a basis for evaluating the robustness of an application. This approach makes testing more consistent and facilitates the documentation of results and recommendations.
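The sketch below is an added example, not code from MITRE or from this page: it turns one pattern record into an exercise worksheet whose preconditions and steps the tester fills in, which is what makes results comparable between runs. The record is constructed, its ID is a placeholder, and the element names are assumed to follow MITRE's CAPEC XML export (which is namespaced in the real download); `build_exercise_plan` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample record (placeholder ID). Element names are an assumption
# modelled on the CAPEC XML export; the real file also carries a namespace.
SAMPLE = """<Attack_Pattern ID="0000" Name="Constructed brute-force pattern">
  <Description>Repeated credential guesses against a network service.</Description>
  <Prerequisites>
    <Prerequisite>Service exposes a password login.</Prerequisite>
    <Prerequisite>Failed attempts are not limited.</Prerequisite>
  </Prerequisites>
  <Execution_Flow>
    <Attack_Step><Step>1</Step><Phase>Explore</Phase>
      <Description>Identify the authentication interface.</Description></Attack_Step>
    <Attack_Step><Step>2</Step><Phase>Exploit</Phase>
      <Description>Submit repeated guesses.</Description></Attack_Step>
  </Execution_Flow>
  <Related_Weaknesses><Related_Weakness CWE_ID="307"/></Related_Weaknesses>
</Attack_Pattern>"""

def _text(elem):
    # Collapse the whitespace that pretty-printed XML leaves inside text nodes.
    return " ".join("".join(elem.itertext()).split())

def build_exercise_plan(xml_text):
    # Map one pattern record to a worksheet with empty result fields.
    root = ET.fromstring(xml_text)
    plan = {
        "pattern": f"CAPEC-{root.get('ID')}: {root.get('Name')}",
        "preconditions": [_text(p) for p in root.iter("Prerequisite")],
        "weaknesses": [f"CWE-{w.get('CWE_ID')}" for w in root.iter("Related_Weakness")],
        "steps": [],
        "gaps": [],
    }
    for step in root.iter("Attack_Step"):
        plan["steps"].append({
            "order": int(step.findtext("Step", "0")),
            "phase": step.findtext("Phase"),
            "action": _text(step.find("Description")),
            "result": "not run",  # the tester records pass/fail here
            "evidence": "",       # and where the supporting logs live
        })
    plan["steps"].sort(key=lambda s: s["order"])
    # Some patterns carry no prerequisites or execution flow; flag that
    # instead of silently producing an empty worksheet.
    for field in ("preconditions", "steps"):
        if not plan[field]:
            plan["gaps"].append(f"pattern has no {field}; define scope by hand")
    return plan
```
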
CAPEC stands for Common Attack Pattern Enumeration and Classification. It is a structured knowledge base developed by MITRE that lists and describes known attack patterns used against computer systems. Unlike isolated incidents, CAPECs describe reusable strategies used by attackers to exploit vulnerabilities.
Each CAPEC pattern is an abstract representation of malicious behavior: it explains how an attack is carried out, what type of weakness it targets, and for what purpose. The goal of CAPEC is to help security professionals better understand, detect, and anticipate the tactics used by attackers.
The official source of the CAPEC database is the MITRE website. This portal allows you to explore all patterns classified by attack type, complexity, target, or level of sophistication. Each record is accompanied by precise definitions, examples, and links to other useful resources (CWE, ATT&CK, etc.).