The 2022 ATT&CK Evaluations for Managed Services Call for Participation is now open. Click here to learn how to participate.

Home  >  Enterprise Wizard Spider and Sandworm  >  Technique Scope

Wizard Spider and Sandworm Evaluation: Technique Scope

For the Wizard Spider and Sandworm evaluation, the highlighted ATT&CK techniques are in scope for this evaluation. Linux techniques are included in the scope of this evaluation, though will only represent a small portion of the evaluation. The Linux portion of the evaluation is optional for participants. This will also mark the first time the impact tactic is in scope for the evaluation.

You can view the in-scope Techniques for the Wizard Spider and Sandworm evaluation in the ATT&CK Navigator by checking out the layer file we made available here. A preview is shown below! The Techniques in scope attributed specifically to Wizard Spider are highlighted in purple, attributed specifically to Sandworm in blue, and both Wizard Spider and Sandworm in grey.