Associate MITRE-ATT&CK information with security case

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:1分

    • Associate MITRE-ATT&CK tactics and techniques to a security case for better security case management and threat analysis at a granular level.

    始める前に

    Role required: sn_si.analyst

    手順

    1. Navigate to All > Threat Intelligence > Case Management > All Cases.
    2. Select the security case that you want to enrich with the MITRE-ATT&CK information.
    3. From the related list, click Associate MITRE ATT&CK Technique.

      In the following illustration, you can see how to navigate from the related list to Associate MITRE ATT&CK Technique, review the source, and add a tactic and technique.

    4. In the source lists, review the Source.
    5. Review the Tactic and Techniques, and add or remove them based on the relevance with the case.
    6. Click Save.
      The tactics and techniques that you have added appear in the MITRE-ATT&CK Card.This illustration shows how to associate MITRE information with a security case.