TTP (Tactics, Techniques, Procedures)
Tactics: These are the general, beginning-to-end strategies that threat actors use to gain access to valuable systems and information. In other words, this is the “how” of cyber attacks. Hackers might choose to tap into confidential information or intrude into a website to accomplish their aims.
Techniques: These are the non-specific, intermediate methods or tools that a criminal will use to compromise your information. Phishing via email attachments is just one commonly employed example.
Procedures: These are the step-by-step descriptions of how the attacker plans to go about achieving their purpose. In other words, how will the general techniques be carried out in detail?