The Unified Kill Chain

Raising resilience against advanced cyber attacks through threat modeling.

Learn more!

The Unified Kill Chain

Cyber attacks are typically phased progressions towards strategic objectives. The Unified Kill Chains provides insight into the tactics that hackers employ to attain these objectives. This provides a solid basis to develop (or realign) defensive strategies to raise cyber resilience.

Show me more!

Scientific design

The Unified Kill Chain was developed through a hybrid research approach, combining design science with qualitative research methods. The Unified Kill Chain extends and combines existing models, such as Lockheed Martin's Cyber Kill Chain® and MITRE's ATT&CK™.

Get started!

What can you learn?

Know your adversary

Understand attacks in depth, from ransomware to APTs.

Protect your assets

Apply the Unified Kill Chain to protect your critical assets.

Prioritize risks

Use the model to prioritize risks, investments and efforts.

All expertise levels

The Unified Kill Chain can be applied by novices and experts.


To the white paper!

The White Paper

The aim of this white paper is to present the Unified Kill Chain, that can serve to model and defend against cyber attacks. The model describes all phases in typical cyber attacks, from the attacker’s first steps to the achievement of adversarial objectives.

If you appreciate the Unified Kill Chain, please share it!

Share Tweet

About the Author

Paul Pols is a master of laws (LLM), applied ethics (MA) and cyber security (MSc) with extensive experience as an ethical hacker and Principal Security Expert.

The Unified Kill Chain was originally developed in his master's thesis titled “Modeling Fancy Bear Attacks: Unifying the Cyber Kill Chain”. The thesis was written for the executive master’s programme in Cyber Security by the University of Leiden, where Paul now teaches as a lecturer.