IBM QRadar SOAR

  • 1.  Multiple Tactics and Techniques in MITRE ATT&CK Integration

    Posted Thu May 07, 2020 09:40 AM
    Hi, 
    I recently installed the MITRE ATT&CK integration for Resilient. Two questions:
    1. Is it possible to have multiple Tactic and Technique IDs and Tactic and Technique Names?
    2. Is it possible to have a dropdown list with the names and IDs, so they can be multiselect, and then the app's action can be run on top of those IDs and names?

    Thanks, 
    Clinton

    ------------------------------
    Clinton Dsouza
    ------------------------------


  • 2.  RE: Multiple Tactics and Techniques in MITRE ATT&CK Integration

    Posted Fri May 08, 2020 06:00 PM
    You can make these changes yourself with just a little bit of tweaking to the fields and processors. Have you attempted to do this?

    Otherwise, I recommend posting an idea in the aha.io portal if you'd like the Resilient dev team to consider updating it.

    ------------------------------
    Jared Fagel
    Cyber Security Analyst I
    Public Utility
    ------------------------------



  • 3.  RE: Multiple Tactics and Techniques in MITRE ATT&CK Integration

    Posted Mon May 11, 2020 10:06 AM
    @Clinton Dsouza thanks for posting in the forums...

    The Ideas portal that @Jared Fagel referenced can be found here, and the Resilient team will be sure to take a look!

    ------------------------------
    Connor Costello
    ------------------------------