Following the alignment of Microsoft Defender ATP alert categories with MITRE ATT&CK tactics, we are now enhancing our alerts to include MITRE ATT&CK technique information.


For example, each of the following alerts will now show corresponding ATT&CK technique IDs:





This change points security analysts to more information about attacker activities that trigger the alerts.

From each alert, you can consult the MITRE ATT&CK matrix for generalized information about the techniques, including their potential impact and how they have been used in known attacks.