Version: 4.3

MITRE ATT&CK

Description

The module is designed to detect and analyze cyberattacks on the organization based on the MITRE ATT&CK knowledge base. It includes the following functional capabilities.

Priority Selection

The module allows creating layers for each information system
Configuring the criticality and coverage for each technique

Coverage Assessment

The module provides an interface for assessing coverage for each technique
The interface allows visualizing the coverage of information systems and assets
The assessment helps determine which areas require additional attention

Detection Monitoring

The module provides two types of trigger monitoring.

Detection Matrix

An interface that displays all triggers grouped by techniques and information systems. It allows you to see the number of triggers for each technique.

Dashboards

A visual representation of trigger information. It allows tracking trends, identifying anomalies, and assessing the effectiveness of correlation rules.

Useful Links

Installation MITRE ATT&CK
Layer Editor
Priority Matrix
Detection Matrix
Coverage Matrix
Action MITRE ATT&CK
Action Risk Action

Description​

Priority Selection​

Coverage Assessment​

Detection Monitoring​

Detection Matrix​

Dashboards​

Useful Links​