MITRE ATT&CK
Description
The module is designed to detect and analyze cyberattacks on the organization based on the MITRE ATT&CK knowledge base. It includes the following functional capabilities.
Priority Selection
- The module allows creating layers for each information system
- The module allows configuring the criticality and coverage for each technique
Coverage Assessment
- The module provides an interface for assessing coverage for each technique
- The interface allows visualizing the coverage of information systems and assets
- The assessment helps determine which areas require additional attention
Detection Monitoring
The module provides two types of trigger monitoring.
Detection Matrix
An interface that displays all triggers grouped by techniques and information systems. It allows you to see the number of triggers for each technique.
Dashboards
A visual representation of trigger information. It allows tracking trends, identifying anomalies, and assessing the effectiveness of correlation rules.