
CTI Analysis: Decoding the MITRE ATT&CK v19 Update (April 2026)

1. The Big Split: The Death of “Defense Evasion”


Historically, the Defense Evasion tactic (TA0005) was a massive catch-all bucket. If an attacker used a signed binary to hide a payload, it was Defense Evasion. If an attacker unloaded the EDR sensor's kernel driver, it was also Defense Evasion.

From a Blue Team perspective, grouping these behaviors together was functionally broken. One requires spotting anomalies inside otherwise legitimate activity; the other requires responding to sabotage of the security stack itself. In v19, MITRE corrected this by splitting the tactic on adversary intent.

Stealth (TA0005)

Intent: Blend in to avoid detection. Impact: Your defenses are fully operational, but they are being deceived; the adversary relies on behavioral camouflage. Examples: Obfuscated Files, Masquerading, Living-off-the-Land (LOLBAS). (Note: Stealth inherits the old TA0005 ID.)

Defense Impairment (TA0112)

Intent: Break, degrade, or disable defenses. Impact: Your security controls are being actively sabotaged. Examples: killing EDR processes, modifying cloud firewall rules, or clearing Windows Event Logs.

Restructuring Impair Defenses (T1562 → T1685)


As a direct consequence of this split, the widely used T1562 (Impair Defenses) has been heavily restructured: it is now folded into a new parent technique, T1685: Disable or Modify Tools. If your SIEM or SOAR playbooks are mapped to T1562.001 to detect EDR tampering, update your detection engineering pipeline to track T1685 and its new sub-techniques. Until you do, any coverage map keyed on current technique IDs will stop counting those rules, even though the detections themselves still fire.

2. AI Enters the Matrix: Formalizing Agentic Threats


Throughout 2025 and early 2026, the industry anticipated a shift toward agentic AI exploitation largely on theoretical grounds. ATT&CK v19 moves this from theory to documented reality by introducing new techniques and campaigns that record adversaries weaponizing AI in live operations.

MITRE emphasizes that AI does not change what the adversary is trying to do; it changes the scale and the tooling.

  • T1682: Query Public AI Services: Adversaries are now systematically querying public LLMs for target research, OSINT, and operational planning at scale.
  • T1683: Generate Content: Captures the use of AI to dynamically generate written (T1683.001) and audio-visual (T1683.002) content for highly convincing, localized spear-phishing lures.

Perhaps the most chilling addition in v19 is Campaign C0062 (Anthropic AI-orchestrated Campaign). MITRE documents a PRC-directed cluster (GTG-1002) using Claude Code to autonomously execute the majority of a multi-stage espionage campaign. v19 also introduces LAMEHUG (S9035), associated with APT28, which the framework records as the first malware observed dynamically querying a Large Language Model during live operations to adapt its behavior.

3. Social Engineering as a “Stealth” Tactic


In v19, social engineering has been fundamentally reorganized: techniques that manipulate human trust are no longer scattered across Initial Access vectors.

MITRE introduced a new parent technique, T1684: Social Engineering, placed under the Stealth tactic. Older standalone techniques such as Impersonation and Email Spoofing have been revoked and reissued as sub-techniques of T1684.

The DFIR Takeaway: MITRE's new detection strategy for T1684 (DET0899) focuses on the behavioral pattern rather than the channel. Detection engineering should no longer focus solely on spotting a fake email; it should key on the sequence of a suspicious interaction (an unsolicited external message or call) immediately followed by an unusual user-authorized action by the same user, such as an OAuth consent grant or an MFA reset.
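To make the pattern concrete, here is an added example (not MITRE's DET0899 content or any vendor's rule) of that sequence logic run over a handful of constructed identity and messaging events. The event schema, the event-type names, the 30-minute window and the sample log lines are all assumptions made for the example; the point is that the interaction channel is recorded but never decides the verdict, only the interaction-then-authorization sequence does.

```python
"""Sequence detection for T1684 (Social Engineering).

Added example, not MITRE's DET0899 or a vendor rule. Event schema, event
type names, window and sample events are constructed for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import json

# "Suspicious interaction": inbound contact from outside the organisation,
# regardless of channel. These labels are an assumption of this example.
INTERACTION_TYPES = {"mail_received_external", "chat_received_external",
                     "helpdesk_call_inbound"}
# "Unusual user-authorized action": sensitive self-service actions that a
# victim can be talked into performing.
AUTHORIZED_ACTION_TYPES = {"oauth_consent_granted", "mfa_method_reset",
                           "mfa_device_added"}

# Constructed JSON-lines telemetry, not real data.
SAMPLE_LOG = """
{"ts": "2026-04-10T09:00:05Z", "user": "alice", "type": "mail_received_external", "detail": "sender=it-support@example-helpdesk.invalid"}
{"ts": "2026-04-10T09:06:40Z", "user": "alice", "type": "oauth_consent_granted", "detail": "app=Mail Sync Helper"}
{"ts": "2026-04-10T09:30:00Z", "user": "bob", "type": "oauth_consent_granted", "detail": "app=Calendar"}
{"ts": "2026-04-10T11:00:00Z", "user": "carol", "type": "helpdesk_call_inbound", "detail": "caller claims to be carol"}
{"ts": "2026-04-10T13:15:00Z", "user": "carol", "type": "mfa_method_reset", "detail": "method=authenticator"}
{"ts": "2026-04-10T14:00:00Z", "user": "dave", "type": "chat_received_external", "detail": "external tenant"}
{"ts": "2026-04-10T14:02:10Z", "user": "dave", "type": "mfa_device_added", "detail": "device=phone"}
"""


def parse_events(raw):
    """Parse JSON lines into dicts with a timezone-aware datetime, oldest first."""
    events = []
    for line in raw.strip().splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def detect_social_engineering_sequences(events, window_minutes=30):
    """Return one alert per user-authorized action that follows a suspicious
    interaction by the same user within the window. Users with no prior
    interaction (bob) and interactions that aged out (carol at 30 min) do
    not fire."""
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(list)  # user -> interactions seen so far
    alerts = []
    for ev in events:
        user = ev["user"]
        if ev["type"] in INTERACTION_TYPES:
            recent[user].append(ev)
            continue
        if ev["type"] not in AUTHORIZED_ACTION_TYPES:
            continue
        # Keep only interactions still inside the window for this user.
        recent[user] = [i for i in recent[user] if ev["ts"] - i["ts"] <= window]
        if recent[user]:
            trigger = recent[user][-1]  # most recent interaction is the likely pretext
            alerts.append({
                "user": user,
                "technique": "T1684",
                "interaction": trigger["type"],
                "action": ev["type"],
                "delta_seconds": int((ev["ts"] - trigger["ts"]).total_seconds()),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_social_engineering_sequences(parse_events(SAMPLE_LOG)):
        print(alert)
```

With the default window the constructed log yields two alerts (alice after an external email, dave after an external chat); widening the window to three hours also catches carol's MFA reset two hours after an inbound help-desk call. Tune the window against your own baseline of how quickly legitimate consent grants and MFA changes follow ordinary external contact, and treat a second authorized action after the same interaction as part of the same incident rather than a new one.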

4. How to Operationalize ATT&CK v19 in the SOC


Updating a SOC to v19 requires a deliberate, structured approach. Do not simply do a “find and replace” in your SIEM.

  1. Remap the Easy Targets (Tactic Changes): Start with the 94% of former Defense Evasion techniques that simply received a new tactic label. Update your dashboards to distinguish Stealth from Defense Impairment so your CISO can see whether defenses are being bypassed or destroyed.
  2. Audit T1562 and T1211 Mappings: Review every detection rule tied to the old T1562 (Impair Defenses) and T1211 (Exploitation for Defense Evasion) and remap them to T1685 and the newly created T1687 (Exploitation for Defense Impairment), respectively. Sub-technique mappings under T1562 need a rule-by-rule check against the new T1685 sub-techniques rather than a prefix swap.
  3. Shift Validation Intent: When running Purple Team exercises or Breach and Attack Simulation (BAS) tools, change the objective. For Stealth techniques, validate your detection coverage. For Defense Impairment techniques, validate that your EDR and logging pipelines survive active tampering and that the tampering itself raises an alert.

MITRE ATT&CK v19 is a maturity milestone for the cybersecurity industry. By splitting Defense Evasion, the framework forces defenders to acknowledge the difference between a blind spot and a broken camera. By integrating AI-orchestrated campaigns, it confirms that the weaponization of Large Language Models has crossed the threshold from academic research into active, state-sponsored cyber warfare.