The Cyber Kill Chain framework, developed by Lockheed Martin, explicitly models the seven sequential phases of a cyberattack. It provides a high-level structure for understanding how an adversary progresses from initial reconnaissance to their final objective. The seven phases are: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control (C2), and Actions on Objectives. This model is designed to help defenders map their controls to specific stages of an attack, thereby providing a comprehensive view of how to disrupt the adversary's operations, which directly addresses the security team's requirement.

A. Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for industrial control systems (ICS): This framework is specific to industrial control systems, which is not the context of the question, and it is not structured as a linear seven-phase model.

B. MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK): The ATT&CK framework is a knowledge base of adversary behavior organized into a matrix of tactics and techniques, not a sequential seven-phase model.

D. Diamond Model of Intrusion Analysis: This is an event-based model that analyzes intrusions using four core features (adversary, capability, infrastructure, victim), rather than describing a multi-phase attack lifecycle.

1. Hutchins, E. M., Cloppert, M. J., & Amin, R. M. (2011). Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. Lockheed Martin Corporation. In Section 3, "The Kill Chain," the paper details the seven phases of the model (pp. 3-5).

2. Al-Mohannadi, H., Awan, I., & Ko, L. (2016). A survey on cyber kill chain. In 2016 International Conference on Industrial Informatics and Computer Systems (CIICS) (pp. 1-6). IEEE. Section II, "Cyber Kill Chain," explicitly lists and describes the seven stages of the framework. https://doi.org/10.1109/ICCSII.2016.7462433

3. University of Washington, Paul G. Allen School of Computer Science & Engineering. (2021). CSE 484 / CSE M 584: Computer Security and Privacy - Lecture 18: Intrusion Detection. Slide 11, "Cyber Kill Chain," lists the seven steps of the Lockheed Martin model. Available via UW CSE courseware archives.