This may be out of scope of this project but as a blue teamer it would be very useful for me to have a cheatsheet where I can look up log event operations and see what techniques they map to.
Thanks for the suggestion! In the meantime, https://traildiscover.cloud/ might be helpful for you! It has a link back to Stratus Red Team. cc @adanalvarez FYI
This may be out of scope of this project but as a blue teamer it would be very useful for me to have a cheatsheet where I can look up log event operations and see what techniques they map to.
I think having an additional column on this page:
https://stratus-red-team.cloud/attack-techniques/list/
That for each row, lists the related operation that is logged for the technique.
E.g. for the row "Retrieve EC2 password data" have another column that lists "ec2:GetPasswordData"
I know this is also contained in the technique pages themselves but it is hard to ctrl-f on those.
Happy to pick this up if it is of interest.