Stage Capabilities
Type: technique
Description: Adversaries may upload, install, or otherwise set up capabilities that can be used during targeting. To support their operations, an adversary may need to take capabilities they developed (Develop Capabilities) or obtained (Obtain Capabilities) and stage them on infrastructure under their control. These capabilities may be staged on infrastructure that was previously purchased/rented by the adversary (Acquire Infrastructure) or was otherwise compromised by them. Capabilities may also be staged on web services, such as GitHub, model registries, such as Hugging Face, or container registries.
Adversaries may stage a variety of AI Artifacts including poisoned datasets (Publish Poisoned Datasets, malicious models (Publish Poisoned Models), and prompt injections. They may target names of legitimate companies or products, engage in typosquatting, or use hallucinated entities (Discover LLM Hallucinations).
Version: 0.1.0
Created At: 2025-07-23 10:23:39 -0400
Last Modified At: 2025-07-23 10:23:39 -0400
External References
Related Objects
- --> Resource Development (tactic): An adversary may stagemay stage a variety of AI Artifacts including poisoned datasets that can be used during targeting.