MS Defender ATP and Antivirus Rules with MITRE mapping


Team,

We are working on building certain correlation threat use cases for endpoints and cloud instances running with Defender and would like to know the list of rules in Defender with the MITRE Tactics and Techniques mappings.

1 Reply
I’ve not seen this before, so not sure if this is available in an easy-to-consume list somewhere. Perhaps someone else knows.