Review threat group and MITRE-ATT&CK techniques mapping

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • Review the threat group and techniques object to object relationship mapping information that is imported from the MITRE TAXII collections. This mapping enables you to view the technique group and the corresponding technique mapping.

    Before you begin

    Role required:
    • sn_ti.admin, sn_si.admin: create, write, delete access
    • sn_ti.read: read access

    Procedure

    1. Navigate to All > Threat Intelligence > MITRE ATT&CK Administration > Threat Group-MITRE ATT&CK Techniques.
    2. Right click the Source Object and select Group By Source Object to view all the attack patterns associated with a threat group.

      The following illustration shows the threat group admin@338 and the various attack patterns adopted by this threat group which are part of the enterprise attack source.

      Illustration showing the threat group and technique mapping.