IBM QRadar

  • 1.  Mapping Use Cases to a framework

    Posted Fri June 01, 2018 05:03 AM
    Hello,

    I'm opening a thread for people to be able to talk about their vision in terms of Use Case mapping to a framework.
    What do you think of the ATT&CK (https://attack.mitre.org/wiki/Main_Page) Matrix?
    Is it the direction you would like to take or is there any other framework that comes to your mind?

    How would you like to use it within QRadar?
    e.g.:
    - I would like to have a view in offenses.
    - I would like the rules to be mapped to X framework.
    - My priority is to map the QIDs/Categories to the kill chain
    - Etc


  • 2.  RE: Mapping Use Cases to a framework

    Posted Fri June 01, 2018 10:46 AM
    Hi All,

    I'm using the MaGMa UseCase Framework: MaGMa | Betaalvereniging Nederland
    The MaGMa Use Case Framework (UCF) is a framework and tool for use case management and administration that helps organizations to operationalize their security monitoring strategy. MaGMa stands for Management, Growth, Metrics & assessment.


    ------------------------------
    Peter Groenewegen
    ------------------------------