View the MITRE ATT&CK posture for a risk notable
View the MITRE ATT&CK posture within the context of a risk notable so that you can reduce the mean time to detection (MTTD) and mean time to repair (MTTR) and enhance the situational awareness in your security operations center (SOC).
Follow these steps to view the MITRE ATT&CK posture for a risk notable in context:
- On the Splunk Enterprise Security Search app, select Incident Review.
- Expand a risk notable from the list of risk notables.
- Scroll to MITRE ATT&CK Posture for this Notable to see the highlighted MITRE tactics and techniques that were detected for the risk object.
The MITRE matrix chart displays all the tactics and techniques for every risk event associated with the risk object for that risk notable. You can also scroll to Additional Fields to see the list of MITRE ATT&CK tactics and techniques for the risk notable.
This documentation applies to the following versions of Splunk® Enterprise Security: 7.1.0