---
title: "Accessing the ATT&CK Visualizer | ThreatConnect"
slug: "accessing-the-attack-visualizer"
description: "This article describes how to access the ATT&CK Visualizer in ThreatConnect."
tags: ["Viewing Data"]
updated: 2025-10-02T20:22:41Z
published: 2025-10-02T20:22:41Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://knowledge.threatconnect.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Accessing the ATT&CK Visualizer

## Overview

You can use the ThreatConnect® ATT&CK Visualizer to [create standard ATT&CK views](https://knowledge.threatconnect.com/docs/standard-attack-views#creating-standard-attck-views) with Groups in ThreatConnect added as analysis layers, allowing you to view the MITRE ATT&CK® Enterprise [tactics](https://attack.mitre.org/tactics/enterprise/), [techniques, and sub-techniques](https://attack.mitre.org/techniques/enterprise/) used by the Groups. You can also use the ATT&CK Visualizer to [import ATT&CK views](https://knowledge.threatconnect.com/docs/imported-attack-views#importing-attck-views) created in the [MITRE ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/), allowing you to use ThreatConnect as a repository for all your ATT&CK views.

You can access the ATT&CK Visualizer from the **ATT&CK**screen and when searching, browsing, or viewing Groups in your [ThreatConnect owners](https://knowledge.threatconnect.com/docs/ownership-in-threatconnect).

NoteOrganization Administrators can also use the ATT&CK Visualizer to [assign security coverage](https://knowledge.threatconnect.com/docs/attack-security-coverage) to techniques and sub-techniques and to [configure ATT&CK RQ Financial Impact](https://knowledge.threatconnect.com/docs/attack-rq-financial-impact) for their Organization.

## Before You Start

### User Roles

- To access the ATT&CK Visualizer, your user account can have any [Organization role](https://knowledge.threatconnect.com/docs/organization-roles).
- To view standard ATT&CK views, your user account can have any Organization role.
- To create standard ATT&CK views, your user account can have any Organization role.
- To view imported ATT&CK views, your user account can have any Organization role.
- To import ATT&CK views, your user account must have an Organization role of Standard User, Sharing User, Organization Administrator, or App Developer.

## Accessing the ATT&CK Visualizer From the ATT&CK Screen

If your user account has an Organization role of Standard User, Sharing User, Organization Administrator, or App Developer, follow these steps to access the ATT&CK Visualizer from the **ATT&CK**screen:

1. From the **Tools**dropdown on the top navigation bar, select **ATT&CK**.
2. Click**+ Create ATT&CK View** at the upper right of the **ATT&CK**screen and select one of the following options, or select a saved standard ATT&CK view or saved imported ATT&CK view from the **Standard Views** or **Imported Views**tab, respectively, to open it in the ATT&CK Visualizer:
  - **Standard View**: [Create a standard ATT&CK view](https://knowledge.threatconnect.com/docs/standard-attack-views#creating-standard-attck-views) and open it in the ATT&CK Visualizer.
  - **Imported View…**: [Import an ATT&CK view built in the MITRE ATT&CK Navigator](https://knowledge.threatconnect.com/docs/imported-attack-views#importing-attck-views) and open it in the ATT&CK Visualizer.

If your user account has an Organization role of Read Only User or Read Only Commenter, follow these steps to access the ATT&CK Visualizer from the **ATT&CK**screen:

1. From the **Tools** dropdown on the top navigation bar, select **ATT&CK**.
2. Click**Explore ATT&CK View**at the upper right of the **ATT&CK**screen to create a standard ATT&CK view and open it in the ATT&CK Visualizer, or select a saved standard ATT&CK view or saved imported ATT&CK view from the **Standard Views** or **Imported Views** tab, respectively, to open it in the ATT&CK Visualizer.

## Accessing the ATT&CK Visualizer for Groups

When searching, browsing, or viewing Groups, you can open the ATT&CK Visualizer for a specific Group and create a standard ATT&CK view with the Group [added as an analysis layer](https://knowledge.threatconnect.com/docs/standard-attack-views#creating-standard-attck-views) (Figure 1).

![Figure 1_Accessing the ATT&amp;CK Visualizer_7.10.0](https://cdn.document360.io/dfc206c8-1c9f-4725-b74d-a66f83432320/Images/Documentation/Figure%201_Accessing%20the%20ATT&amp;CK%20Visualizer_7.10.0.png)

You can open the ATT&CK Visualizer while viewing Groups in the following areas of ThreatConnect:

- **[](https://knowledge.threatconnect.com/docs/the-details-drawer)** [](https://knowledge.threatconnect.com/docs/the-details-drawer)[**Details**drawer](https://knowledge.threatconnect.com/docs/the-details-drawer)[](https://knowledge.threatconnect.com/docs/the-details-drawer)**[](https://knowledge.threatconnect.com/docs/the-details-drawer)**: Click **Visual Analysis**in the header of a Group’s **Details**drawer and select **Visualize ATT&CK**.
- **[](https://knowledge.threatconnect.com/docs/the-details-screen)****[](https://knowledge.threatconnect.com/docs/the-details-screen)[](https://knowledge.threatconnect.com/docs/the-details-screen)[](https://knowledge.threatconnect.com/docs/the-details-screen)**[**Details**screen](https://knowledge.threatconnect.com/docs/the-details-screen)[](https://knowledge.threatconnect.com/docs/the-details-screen)**[](https://knowledge.threatconnect.com/docs/the-details-screen)**: Click **Visual Analysis** in the header of a Group’s **Details**screen and select **Visualize ATT&CK**.
- **[](https://knowledge.threatconnect.com/docs/search-and-analyze)** [](https://knowledge.threatconnect.com/docs/search-and-analyze)[**Search: All Object Types**screen](https://knowledge.threatconnect.com/docs/viewing-search-results-for-all-object-types)[](https://knowledge.threatconnect.com/docs/search-and-analyze)**[](https://knowledge.threatconnect.com/docs/search-and-analyze)**: Click a Group’s ⋯ menu and select **Visual Analysis**, followed by **Visualize ATT&CK**.
- **[](https://knowledge.threatconnect.com/docs/searching-groups)** [](https://knowledge.threatconnect.com/docs/searching-groups)[**Search: Groups**screen](https://knowledge.threatconnect.com/docs/searching-groups)[](https://knowledge.threatconnect.com/docs/searching-groups)**[](https://knowledge.threatconnect.com/docs/searching-groups)**: Click a Group’s ⋯ menu and select **Visual Analysis**, followed by **Visualize ATT&CK**.

Important

You cannot access the ATT&CK Visualizer from a Group’s [legacy **Details**screen](https://knowledge.threatconnect.com/docs/the-details-screen-legacy). To open the ATT&CK Visualizer and create a standard ATT&CK view with an Email or a Task Group added as an analysis layer, do one of the following:

- Access the ATT&CK Visualizer from the Group’s **Details**drawer, the **Search: All Object Types**screen, or the **Search: Groups**screen. [](https://knowledge.threatconnect.com/docs/standard-attack-views#creating-standard-attck-views)
- [Create a standard ATT&CK view, and then add the Group as an analysis layer](https://knowledge.threatconnect.com/docs/standard-attack-views#creating-standard-attck-views).

---

*ThreatConnect® is a registered trademark of ThreatConnect, Inc.* *MITRE ATT&CK® and ATT&CK® are registered trademarks of The MITRE Corporation.*

20151-03 v.05.A