MITRE ATT&CK-based Content Recommendations

Once you understand what data you have, you can specify the types of security concerns you’re facing and then use MITRE ATT&CK to filter for Splunk content related to ATT&CK techniques that are associated with many different threat groups.

  1. Select a category of issue that you are concerned about. If desired, you can also adjust the default filters for data availability and popularity.
  2. You will be greeted by a list of content tied to ATT&CK techniques that MITRE reports as being popular with many threat groups.
  3. This dashboard is built on the Data Inventory and Correlation Search Introspection, so if you haven’t configured those yet, make sure to visit those pages.