Hello everyone, the latest release of the MITRE ATT&CK Adviser is now live! The MITRE ATT&CK Adviser is a key tool for understanding your alert coverage and managing your security posture. Everyone has access to this tool through Devo Exchange. Release 1.10.0 adds a few new features and user interaction improvements, starting with the new Technique Card filter, which now filters the available alerts for that card in the Alerts Section. We’ve also enhanced the Log Source Filter to additionally filter the alerts within the chosen Techniques, showing only alerts related to the selected log source. Read on to learn more!
Geo Availability
Region | Status |
---|---|
GovCloud | Released |
CA | Released |
US | Released |
EU | Released |
APAC | Released |
New Features
Technique Card Alert Filter
Clicking on a Technique card will automatically filter the available alerts for that Technique in the Alert Window, speeding up alert management and improving the workflow of the MITRE ATT&CK Adviser.
Log source filter now affects both alerts and techniques
MITRE ATT&CK Adviser now filters the alerts within the techniques for the selected log sources and calculates the total coverage more accurately.
Improvements
Alert Filter Improvements
The MITRE tables have been migrated to a new system, which brings customer benefits in the form of new filter options for the Alerts window. You can now filter by these functions:
- Contains
- Does not contain
- Equals to
- Does not equal to
- Begins with
- Ends with
- Blank
- Not blank