Define the technique detection coverage
Define the technique detection coverage that your organization must measure and detect specific adversary techniques.
始める前に
- Role required: sn_ti.admin, sn_si.admin: write access
- Role required: sn_ti.read: read access
このタスクについて
The customizations that you make to the coverage type and color are used in the overall technique detection mapping and also in the heat map.
注:
If you modify the base system coverage definition, the Coverage Type icons do
not display with the techniques in the heat map. The heat map works as expected
when you modify the same fields as the base system's-defined technique detection
coverage and coverage colors. However, if you delete existing fields from the
overall technique detection coverage, the heat map does not display the coverage
type icons.
手順
-
Review the overall technique detection entries and customize the entries for
your environment.
表 : 1. Detection Coverage Definition Field Description Overall Technique Detection Coverage Name of the overall technique detection coverage. The base system technique coverage consists of None, Poor, Fair, Good, Very Good, or Excellent. Coverage Color Color that is assigned to the detection coverage score. The color that you define is used for the technique detection coverage in the heat map. You can customize the colors using HEX codes and RGB(A) values.
Description Overall technique detection coverage. See the base system definition in the Scoring Definition. The following illustration shows the Detection Coverage Definition list.