Merge pull request #2171 from StefanGrimminck/add-mitre-mapping

add MITRE technique mapping

rules/cloud/aws/aws_efs_fileshare_mount_modified_or_deleted.yml

@@ -18,3 +18,4 @@ falsepositives:
 level: medium
 tags:
     - attack.impact
+    - attack.t1485

rules/cloud/aws/aws_eks_cluster_created_or_deleted.yml

@@ -18,6 +18,7 @@ detection:
 level: low
 tags:
     - attack.impact
+    - attack.t1485
 falsepositives:
  - EKS Cluster being created or deleted may be performed by a system administrator. 
  - Verify whether the user identity, user agent, and/or hostname should be making changes in your environment.