Using the MITRE-ATT&CK dashboard
The MITRE-ATT&CK dashboard provides an executive view of the data source coverage, tactics, and techniques that are used in your organization.
The MITRE-ATT&CK Overview module displays MITRE-ATT&CK information about security incidents including trends and reports. You can click any part of a widget (bar, data point, table, and so on) to view data that is specific to that part.
MITRE-ATT&CK widgets
The MITRE-ATT&CK Overview module consists of widgets that enable you to correlate the MITRE-ATT&CK information with the security incident information in your environment.
Example of Security Incidents by MITRE-ATT&CK Technique
In this example, the Security Incidents by MITRE ATT&CK Technique widget displays the techniques by security incident in an organization's environment in the last 90 days.
Example of Security Incidents by MITRE-ATT&CK Tactic
In this example, the Security Incidents by MITRE ATT&CK Tactic widget displays the top tactics by security incident in an organization's environment in the last 90 days.
Example of Critical Assets with MITRE-ATT&CK Techniques
In this example, the Critical Assets with MITRE ATT&CK Techniques widget displays the top 10 critical assets that are associated with the MITRE-ATT&CK techniques. The assets have a business criticality of either 1 (most critical) or 2 (somewhat critical).
This report enables an organization to see the types and number of techniques that are used in carrying out attacks against the critical assets.
Example of Security Incident Close Codes Vs MITRE-ATT&CK Techniques
In this example, the Security Incident Close Codes Vs MITRE-ATT&CK Techniques widget displays the security incident close codes that were mapped against the identified top techniques in an organization's environment.
The x-axis displays the top techniques that were used to carry out attacks against the enterprise, and the y-axis displays the close codes.
Example of detection coverage by MITRE-ATT&CK techniques
In this example, the MITRE-ATT&CK Techniques by Detection Coverage widget displays the technique count by the detection coverage in your environment.
The x-axis displays the technique count, and the y-axis displays the detection coverage types.
Example of mitigation coverage by MITRE-ATT&CK techniques
In this example, the MITRE-ATT&CK Techniques by Mitigation Coverage widget displays the technique count by the mitigation coverage in your environment.
The x-axis displays the technique count, and the y-axis displays the mitigation coverage types.
Example of threat groups by MITRE-ATT&CK techniques
In this example, the Threat Groups by MITRE-ATT&CK Technique widget displays the techniques by the threat group count. This widget displays 20 techniques with the highest threat group count.
The x-axis displays the threat group count, and the y-axis displays the MITRE-ATT&CK techniques.
Example of CVEs by MITRE-ATT&CK techniques
In this example, the CVEs by MITRE-ATT&CK Technique widget displays the techniques with the relevant CVE count in your environment.
The x-axis displays the relevant CVE count, and the y-axis displays the MITRE-ATT&CK techniques.