ovcrash
commented
1 year ago This would be excellent to show purple teaming data vs which technics threat actors are using.
Open bbutz-nydig opened 2 years ago
ovcrash
commented
1 year ago This would be excellent to show purple teaming data vs which technics threat actors are using.
I am looking for a way to take a layer I have created for my detection coverage and highlight relevant techniques used by a specific threat group so that I can easily see what coverage I have in place vs that group's known techniques.
Currently, it appears that when I have a layer loaded with relevant detection techniques, I can change the background of the techniques by my threat group.
Alternatively, I would like to keep the background color (which represents my detection scoring) and identify techniques used by my threat group in another way, such as changing the Border of the cell to a Bold Red, or some other characteristic.
This way I can demonstrate that for a specific threat group, I either need detection logic or that I have sufficient detection logic for each of the techniques employed by that group.