How to extract unused MITRE TTPS and show on dashboard
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-29-2025 10:09 AM
We are extracting MITRE TTPS from SPLUNK ES from notable events or correlation searches and mapped in Splunk profiles. And showing in Security incident response form under MITRE ATTCK card related tabs using BR.
Now we want to show the difference of used and unused MITRE TTPS like
Show techniques not yet triggered or mapped.
Unused TTPs = All MITRE TTPs - Used TTPs
These unused TTPS should be displayed on ServiceNow MITRE dashboard.
0 REPLIES 0