About AIDE-TACT
AIDE-TACT (AI Development Environment Adversarial Tactics) is an independent behavioral taxonomy documenting AI-mediated adversary techniques operating within enterprise development environments. It is structured as a research-grade STIX 2.1 catalog with ATT&CK-aligned mapping, intended as a candidate contribution package. This is not an official MITRE publication.
Identity
| Name | AIDE-TACT Research Initiative |
| Class | organization |
| STIX ID | identity--f5b5ec62-ffbd-4afd-9ee5-7c648406e189 |
| Description | Research identity for the AIDE-TACT (AI Development Environment Adversarial Tactics) framework, documenting AI-mediated adversary techniques targeting LLM-integrated IDEs in enterprise development environments. |
Marking Definition
| Type | statement |
| STIX ID | marking-definition--987cd1f9-338d-4840-93e8-02d5f4ebf04d |
| Statement | This content is produced by the AIDE-TACT Research Initiative as a research-based candidate contribution for MITRE ATT&CK framework consideration. It does not represent official ATT&CK content and is not endorsed by The MITRE Corporation. Distribution and use are permitted for research and defensive purposes. |
Bundle Statistics
Framework Alignment
Coverage Levels
Strong procedures and detection guidance with validated evidence.
Good ATT&CK mapping with limited procedure examples. Detection guidance is actionable but may lack production validation.
Detection or procedure guidance is weak; needs strengthening.
Evidence exists but requires consolidation. No confirmed in-the-wild adversary use. Suitable for research validation.
Framework Scope
Purpose
AIDE-TACT defines a behavioral taxonomy documenting adversary techniques that are mediated through AI-integrated development environments operating within enterprise contexts.
The framework focuses on how AI-assisted development systems — including LLM-integrated IDEs and coding agents — can be abused as operational enablers within enterprise attack chains. AIDE-TACT does not define general AI system vulnerabilities. It defines adversary behaviors that leverage AI-enabled development tooling as an execution and propagation surface.
In Scope
- Integrated Development Environments (IDEs) with embedded LLM functionality
- Autonomous or semi-autonomous coding agents
- Tool invocation frameworks (command execution, file system access, MCP servers)
- AI extensions and plugins within development environments
- Context window aggregation and manipulation within IDE workflows
- Agent-mediated command execution within enterprise endpoints
- AI-assisted privilege escalation within developer workstations
- AI-mediated lateral movement originating from development environments
- AI-assisted supply chain propagation originating from code repositories
The framework specifically addresses enterprise developer workstations and AI-enabled development pipelines as operational attack surfaces.
Out of Scope
- Machine learning training pipeline attacks
- Dataset poisoning during model training
- Model extraction or model inversion attacks against hosted AI services
- AI model supply chain compromise at the training or hosting layer
- General AI safety, alignment, or hallucination research
- Consumer chatbot misuse outside enterprise development workflows
- AI governance, compliance, or policy frameworks
- Attacks targeting standalone AI inference systems unrelated to development environments
Threats covered by MITRE ATLAS that relate to model lifecycle, training data integrity, or AI infrastructure compromise are explicitly outside the scope of AIDE-TACT.
Relationship to ATT&CK and ATLAS
AIDE-TACT is aligned with the MITRE ATT&CK Enterprise matrix through tactical mapping. Where applicable, techniques are mapped to ATT&CK tactics to support detection engineering and enterprise threat modeling.
AIDE-TACT is complementary to MITRE ATLAS. While ATLAS documents attacks against AI systems themselves, AIDE-TACT documents adversary behaviors that leverage AI-integrated development environments as operational attack enablers within enterprise networks.
Domain Definition
"AI-mediated adversary behaviors occurring within enterprise development environments."
The framework treats AI-integrated IDEs and coding agents as behavioral amplification layers within enterprise intrusion chains, not as standalone AI systems.