MITRE introduced ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) in 2013 as a way to describe and categorize adversarial behaviors based on real-world observations, and it underpins AttackIQ’s practice of threat-informed defense. ATT&CK is a structured list of known attacker behaviors, compiled into tactics and techniques and expressed in a handful of matrices as well as via STIX/TAXII. Because it is a fairly comprehensive representation of the behaviors attackers employ, it serves as a foundation for automated security control validation. Defensive teams can use a good automated security control validation platform to test their security controls against MITRE ATT&CK-aligned scenarios and attack graphs.
