Ability to sort a dashboard contents by MITRE kill chain #138256
Labels
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Comments
marius-dr
added
the
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am hoping to sort the MITRE Tactics Dashboard columns below according to the MITRE Kill Chain sequence. The progression of an attack through the Kill Chain Tactics is left to right and this is the order I want the dashboard in, from left to right.
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
The attached dashboard shows our alerts broken down by MITRE Tactic. It would be very useful to see these in the correct order of the kill chain because this is how we teach new SOC analysts to recognize Triage priority; work the alerts from right to left. It also provides the SOC manager a quick visualization of the alert environment by kill chain progession.
The text was updated successfully, but these errors were encountered: