Presentation: Detecting the Adversary Post-Compromise with Threat Models and Behavioral Analytics

The Cyber Analytics Repository (CAR) complements MITRE's ATT&CK model, which is a framework for describing the actions that attackers take after they've gotten inside and compromised a network. This presentation explains how CAR works with ATT&CK.

Collecting and sharing behavioral knowledge with the cyber-defense community is the reason MITRE engineers developed the Cyber Analytics Repository, or CAR. It's a knowledge base of analytics to help cyber-defenders recognize suspicious actions occurring in their systems. CAR complements the Adversary Tactics, Techniques, and Common Knowledge (ATT&CK) model, also developed by MITRE. ATT&CK is a framework for describing the actions that attackers take after they've gotten inside and compromised a network. This presentation explains how CAR works in tandem with ATT&CK.