Following the alignment of Microsoft Defender ATP alert categories with MITRE ATT&CK tactics, we are now enhancing our alerts to include MITRE ATT&CK technique information.
For example, each of the following alerts will now show corresponding ATT&CK technique IDs:
This change points security analysts to more information about attacker activities that trigger the alerts.
From each alert, you can consult the MITRE ATT&CK matrix for generalized information about the techniques, including their potential impact and how they have been used in known attacks.
Published Sep 16, 2019
Version 1.0
Hadar Feldman
Microsoft
Microsoft