Guiding Principles

⚠️🚧 Work in Progress

This document is a work in progress. Content may change, and some sections may be incomplete.

This section explores the "why" behind the ATT&CK Data Model - the design decisions, architectural choices, and trade-offs that shape the library. These explanations provide context and rationale rather than instructions, helping you understand the deeper principles that guide the project.

Dive Deeper

Foundational Context

Why the ATT&CK Data Model Exists - The problem context, solution approach, and value proposition
Why TypeScript Instead of X - Why we chose TypeScript
Why Zod Instead of X - Why we chose Zod over other options
Extending STIX - How ATT&CK extends the STIX 2.1 specification

ATT&CK Specification Understanding

ATT&CK Specification Overview - Understanding the structure and purpose of the ATT&CK specification
ATT&CK Versioning - Understanding ATT&CK's versioning approach
Detections, Data Sources, and STIX - Understanding the evolution of detection strategies in ATT&CK

Technical Architecture

Schema Design Principles - Validation philosophy, refinement patterns, and extensibility choices

Miscellaneous

Architecture & Design Trade-offs - Reasons why architecture decisions were made

Dive Deeper​

Foundational Context​

ATT&CK Specification Understanding​

Technical Architecture​

Miscellaneous​

Dive Deeper

Foundational Context

ATT&CK Specification Understanding

Technical Architecture

Miscellaneous