Stage Capabilities
Adversaries may upload, install, or otherwise set up capabilities that can be used during targeting. To support their operations, an adversary may need to take capabilities they developed (Develop Capabilities) or obtained (Obtain Capabilities) and stage them on infrastructure under their control. These capabilities ma
- Framework
- MITRE ATLAS
- Maturity
- Demonstrated
- Platforms
- Enterprise
- Release
- 2026.05
Overview
Adversaries may upload, install, or otherwise set up capabilities that can be used during targeting. To support their operations, an adversary may need to take capabilities they developed (Develop Capabilities) or obtained (Obtain Capabilities) and stage them on infrastructure under their control. These capabilities may be staged on infrastructure that was previously purchased/rented by the adversary (Acquire Infrastructure) or was otherwise compromised by them. Capabilities may also be staged on web services, such as GitHub, model registries, such as Hugging Face, or container registries.
Adversaries may stage a variety of AI Artifacts including poisoned datasets (Publish Poisoned Datasets, malicious models (Publish Poisoned Models, and prompt injections. They may target names of legitimate companies or products, engage in typosquatting, or use hallucinated entities (Discover LLM Hallucinations).