Slawomir_Smolarczyk
Jan 29, 2024 · Copper Contributor
AttackTechniques missing in AlertInfo?
Does anyone know if it's normal behavior that AttackTechniques is missing from AlertInfo, or is it some kind of bug?
According to "AlertInfo table in the advanced hunting schema | Microsoft Learn":
"AttackTechniques: MITRE ATT&CK techniques associated with the activity that triggered the alert"
(I guess from here MITRE ATT&CK®)
Will AttackTechniques in AlertInfo always match the same in AlertEvidence, and can the empty field in the example above simply be ignored?