atc-project / atomic-threat-coverage

Actionable analytics designed to combat threats
Apache License 2.0

SIEM Use Cases as meta container for DR? #203

Closed. andurin closed this issue 3 years ago.

andurin commented 4 years ago

Hi,

I just thought about a small new ATC feature where one may define "Use Cases" as some kind of container for detection rules.

For example: Customer wants to have "UC_FOOBAR" which is detectable by DR_0001, DR_0005, DR_0020.

Would this make sense? It would be only one new layer between Customer and Detection Rules.
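The Customer -> Use Case -> Detection Rule layering described above, as an added example that is not part of the issue or of the project's code. It resolves each customer's use cases to the deduplicated set of detection rule IDs, reports dangling references in either direction, and gives the reverse lookup (which customers depend on a given rule) that matters when a rule is changed or retired. The field names (`title`, `detectionrule`, `usecase`) and all sample entities are assumptions made for this example; the dicts stand in for parsed YAML files.

```python
"""Resolve Customer -> Use Case -> Detection Rule links.

Added example for the Use Case layer proposed in this issue. The field names
(`title`, `detectionrule`, `usecase`) and the sample entities below are
assumptions made for this example, not the project's actual schema.
"""
from typing import Dict, Iterable, List, Set

# Constructed sample data standing in for parsed YAML files.
DETECTION_RULES: Dict[str, str] = {
    "DR_0001": "Suspicious PowerShell command line",
    "DR_0005": "New service installed",
    "DR_0020": "Scheduled task created by non-admin",
}

USE_CASES: List[dict] = [
    {"title": "UC_FOOBAR", "detectionrule": ["DR_0001", "DR_0005", "DR_0020"]},
    # DR_0042 does not exist in DETECTION_RULES: a dangling reference.
    {"title": "UC_PERSISTENCE", "detectionrule": ["DR_0005", "DR_0042"]},
]

CUSTOMERS: List[dict] = [
    {"title": "Customer_A", "usecase": ["UC_FOOBAR", "UC_PERSISTENCE"]},
    # UC_MISSING is not defined anywhere: a dangling reference.
    {"title": "Customer_B", "usecase": ["UC_FOOBAR", "UC_MISSING"]},
]


def index_by_title(entities: Iterable[dict]) -> Dict[str, dict]:
    """Map entity title -> entity, rejecting duplicate titles."""
    index: Dict[str, dict] = {}
    for entity in entities:
        title = entity["title"]
        if title in index:
            raise ValueError(f"duplicate title: {title}")
        index[title] = entity
    return index


def validate_links(use_cases: List[dict], customers: List[dict],
                   rule_ids: Set[str]) -> List[str]:
    """Return human-readable problems: use cases pointing at unknown rules,
    customers pointing at unknown use cases."""
    problems: List[str] = []
    uc_index = index_by_title(use_cases)
    for uc in use_cases:
        for dr in uc["detectionrule"]:
            if dr not in rule_ids:
                problems.append(f"{uc['title']} references unknown rule {dr}")
    for customer in customers:
        for uc_title in customer["usecase"]:
            if uc_title not in uc_index:
                problems.append(
                    f"{customer['title']} references unknown use case {uc_title}")
    return problems


def rules_for_customer(customer: dict, uc_index: Dict[str, dict]) -> Set[str]:
    """Flatten a customer's use cases into the deduplicated set of DR ids.
    Unknown use cases are skipped here; validate_links reports them."""
    rules: Set[str] = set()
    for uc_title in customer["usecase"]:
        uc = uc_index.get(uc_title)
        if uc is not None:
            rules.update(uc["detectionrule"])
    return rules


def customers_for_rule(rule_id: str, customers: List[dict],
                       uc_index: Dict[str, dict]) -> Set[str]:
    """Reverse lookup: which customers depend on a given detection rule."""
    return {c["title"] for c in customers
            if rule_id in rules_for_customer(c, uc_index)}


def main() -> None:
    uc_index = index_by_title(USE_CASES)
    for problem in validate_links(USE_CASES, CUSTOMERS, set(DETECTION_RULES)):
        print("WARN:", problem)
    for customer in CUSTOMERS:
        print(customer["title"], "->", sorted(rules_for_customer(customer, uc_index)))
    print("DR_0005 used by",
          sorted(customers_for_rule("DR_0005", CUSTOMERS, uc_index)))


if __name__ == "__main__":
    main()
```

Running it prints two warnings (the unknown rule `DR_0042` and the unknown use case `UC_MISSING`) before the per-customer rule sets; the validation is kept separate from the resolution so a broken link shows up as a report rather than silently shrinking a customer's coverage.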

yugoslavskiy commented 3 years ago

Hello @andurin!

Thank you for your contribution! We think that it's OK to add a new entity if you believe that it is required. I will merge your PR as soon as you resolve the conflicts.

Thanks!