Version: 4.3

MITRE ATT&CK

Description

This module is designed for detecting and analyzing cyber attacks targeting an organization, using tactics and techniques from the MITRE ATT&CK knowledge base.

Priority Selection

  • The module allows creating layers for each information system
  • The module allows configuring criticality and coverage for each technique

Coverage Assessment

  • The module provides an interface for assessing coverage for each technique
  • The interface allows visualization of information system and asset coverage
  • The assessment helps identify areas requiring additional attention

Detection Monitoring

The module provides two types of trigger monitoring: the detection matrix and dashboards.

Detection Matrix

An interface that displays all triggers grouped by technique and information system. It allows viewing the number of triggers for each technique.

Dashboards

A visual representation of trigger information. Dashboards allow tracking trends, identifying anomalies, and evaluating the effectiveness of correlation rules.