Associate MITRE-ATT&CK information with security case

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Associate MITRE-ATT&CK tactics and techniques to a security case for better security case management and threat analysis at a granular level.

    Avant de commencer

    Role required: sn_si.analyst

    Procédure

    1. Navigate to All > Threat Intelligence > Case Management > All Cases.
    2. Select the security case that you want to enrich with the MITRE-ATT&CK information.
    3. From the related list, click Associate MITRE ATT&CK Technique.

      In the following illustration, you can see how to navigate from the related list to Associate MITRE ATT&CK Technique, review the source, and add a tactic and technique.

    4. In the source lists, review the Source.
    5. Review the Tactic and Techniques, and add or remove them based on the relevance with the case.
    6. Click Save.
      The tactics and techniques that you have added appear in the MITRE-ATT&CK Card.This illustration shows how to associate MITRE information with a security case.