---
type: "term"
title: "CAPEC (Common Attack Pattern Enumeration and Classification)"
description: "A MITRE maintained dictionary of known attack patterns, each describing a method of exploiting known weaknesses."
resource: "tlctc:term:capec-common-attack-pattern-enumeration-and-classification"
tags:
  - "glossary"
---
# CAPEC (Common Attack Pattern Enumeration and Classification)

A MITRE-maintained dictionary of known attack patterns, each describing a method of exploiting known weaknesses. In TLCTC: CAPEC patterns are operational-level detail that map to the strategic-level TLCTC clusters. CAPEC complements CWE (weaknesses) and CVE (specific vulnerabilities) in the conceptual hierarchy, and TLCTC proposes bridging from NIST to the extended MITRE world (ATT&CK, CWE, CAPEC, CVE) through the 10 clusters.

**Reference:** V1.9.1 §Standardizing Strategic Cybersecurity

See also: CWE, CVE, MITRE ATT&CK, Techniques (TTPs)