MITRE ATT&CK-based Content Recommendations
With an understanding of what data you have, you can specify the types of security concerns you’re facing and then use MITRE ATT&CK to filter for the Splunk content related to MITRE Techniques that are associated with many different threat groups.
- Select a category of issue that you are concerned about. If desired, you can also adjust the default filters for data availability and popularity.
- You will be greeted by a list of content that is tied to ATT&CK techniques MITRE reports as being popular with many threat groups.
- This dashboard is built on the Data Inventory and Correlation Search Introspection, so if you haven’t configured those yet, make sure to visit those pages.