MITRE ATT&CK technique info in Microsoft Defender ATP alerts

Published 09-16-2019 04:38 AM 8,132 Views
Microsoft

Following the alignment of Microsoft Defender ATP alert categories with MITRE ATT&CK tactics, we are now enhancing our alerts to include MITRE ATT&CK technique information.
For example, each of the following alerts will now show corresponding ATT&CK technique IDs:

[Image: MITREAT1.PNG, alert showing ATT&CK technique IDs]

[Image: MITREAT2.PNG, alert showing ATT&CK technique IDs]


This change points security analysts to more information about the attacker activity that triggered each alert.

From each alert, you can consult the MITRE ATT&CK matrix for general information about the technique, including its potential impact and how it has been used in known attacks.
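As an added example (not code from the post or from Microsoft), the Python helper below shows what an analyst can do once technique IDs are attached to alerts: validate the ID format, group alerts by their ATT&CK-aligned category and technique, flag alerts that carry no technique info, and build the matrix link to consult. The alert records are constructed, and the `category` and `mitreTechniques` field names are an assumption based on the Defender ATP Alerts API rather than anything shown on this page.

```python
import re
from collections import Counter, defaultdict

# Constructed sample alerts. The "category" and "mitreTechniques" keys are
# assumed to mirror the Defender ATP Alerts API; values here are made up.
SAMPLE_ALERTS = [
    {"id": "a1", "title": "Suspicious PowerShell command line",
     "category": "Execution", "mitreTechniques": ["T1059.001"]},
    {"id": "a2", "title": "LSASS memory access",
     "category": "CredentialAccess", "mitreTechniques": ["T1003"]},
    {"id": "a3", "title": "Scheduled task created by script",
     "category": "Persistence", "mitreTechniques": ["T1053.005", "T1059"]},
    {"id": "a4", "title": "Older alert without technique info",
     "category": "Execution", "mitreTechniques": []},
]

# ATT&CK technique IDs look like T1059; sub-techniques add ".NNN" (T1059.001).
TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")


def technique_url(technique_id):
    """Return the attack.mitre.org page for a (sub-)technique ID."""
    if not TECHNIQUE_ID.match(technique_id):
        raise ValueError("not an ATT&CK technique ID: %r" % technique_id)
    # The site uses a path segment per ID component: T1059/001/
    return "https://attack.mitre.org/techniques/%s/" % technique_id.replace(".", "/")


def summarize(alerts):
    """Tally techniques across alerts and list alerts lacking technique info."""
    by_technique = Counter()
    by_category = defaultdict(set)
    missing = []
    for alert in alerts:
        techniques = alert.get("mitreTechniques") or []
        if not techniques:
            missing.append(alert["id"])  # still needs manual mapping
            continue
        for tid in techniques:
            if not TECHNIQUE_ID.match(tid):
                raise ValueError("alert %s has malformed technique %r" % (alert["id"], tid))
            by_technique[tid] += 1
            by_category[alert["category"]].add(tid)
    return {
        "by_technique": dict(by_technique),
        "by_category": {cat: sorted(ids) for cat, ids in by_category.items()},
        "missing_technique_info": missing,
    }
```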
