MITRE ATT&CK technique info in Microsoft Defender ATP alerts
Published Sep 16 2019 04:38 AM

Following the alignment of Microsoft Defender ATP alert categories with MITRE ATT&CK tactics, we are now enhancing our alerts to include MITRE ATT&CK technique information.


For example, each of the following alerts will now show corresponding ATT&CK technique IDs:





This change points security analysts to more information about attacker activities that trigger the alerts.

From each alert, you can consult the MITRE ATT&CK matrix for generalized information about the techniques, including their potential impact and how they have been used in known attacks.


