In a script, I'm trying to react, depending upon what Category we receive. Looking at the UI, I see a list of Categories with which I can filter. BUT, in the results, I see MORE categories. For example, "WebExploit".
Is there a definitive list of all possible categories?
I've searched and have yet to find one.
Otherwise, I guess I just need to take unique samples and hope I cover them all.
Hello! I assume you mean the alert categories. We've redefined the alert categories to align to the enterprise attack tactics in the MITRE ATT&CK matrix (https://attack.mitre.org/tactics/enterprise/). New category names apply to all new alerts. Existing alerts will keep the previous category names.
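
Added example, not part of the original posts and not the vendor's code: one way a script can react to categories when new alerts carry ATT&CK tactic names and older alerts keep previous names such as "WebExploit". The `id` and `category` field names and the sample alerts are assumptions, and the tactic list is typed in from the ATT&CK enterprise matrix, so check it against the linked page.

```python
import re
from collections import Counter

# MITRE ATT&CK enterprise tactic names; verify against
# https://attack.mitre.org/tactics/enterprise/ before relying on this list.
ATTACK_TACTICS = [
    "Reconnaissance", "Resource Development", "Initial Access", "Execution",
    "Persistence", "Privilege Escalation", "Defense Evasion",
    "Credential Access", "Discovery", "Lateral Movement", "Collection",
    "Command and Control", "Exfiltration", "Impact",
]

def _key(name):
    """Canonical form: lowercase alphanumerics only, so "InitialAccess" == "Initial Access"."""
    return re.sub(r"[^a-z0-9]", "", name.lower())

_TACTIC_BY_KEY = {_key(t): t for t in ATTACK_TACTICS}

def classify(category):
    """Return (kind, label); kind is "tactic" for an ATT&CK tactic, else "other"."""
    tactic = _TACTIC_BY_KEY.get(_key(category or ""))
    if tactic:
        return "tactic", tactic
    # Older alerts keep their previous category name; pass it through unchanged.
    return "other", category or "<missing>"

def triage(alerts):
    """Group alert ids by tactic and count the categories the script does not know."""
    by_tactic, unknown = {}, Counter()
    for alert in alerts:
        kind, label = classify(alert.get("category"))
        if kind == "tactic":
            by_tactic.setdefault(label, []).append(alert["id"])
        else:
            unknown[label] += 1  # review these periodically instead of dropping them
    return by_tactic, unknown

# Constructed sample alerts (assumed field names, not real product output).
SAMPLE_ALERTS = [
    {"id": "a1", "category": "InitialAccess"},
    {"id": "a2", "category": "Command and Control"},
    {"id": "a3", "category": "WebExploit"},
    {"id": "a4", "category": "lateral_movement"},
    {"id": "a5"},
]

if __name__ == "__main__":
    tactics, unknown = triage(SAMPLE_ALERTS)
    print(tactics, dict(unknown))
```

The `unknown` counter is the part that answers the "unique samples" worry: anything the script has not seen before is counted and surfaced rather than silently ignored.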