diff --git a/other/sigma_attack_nav_coverage.json b/other/sigma_attack_nav_coverage.json
index db507ac81..f78960580 100644
--- a/other/sigma_attack_nav_coverage.json
+++ b/other/sigma_attack_nav_coverage.json
@@ -305,7 +305,7 @@
{
"techniqueID": "T1003",
"tactic": "credential-access",
- "score": 35,
+ "score": 34,
"color": "",
"comment": "",
"enabled": true,
@@ -360,7 +360,7 @@
{
"techniqueID": "T1548",
"tactic": "privilege-escalation",
- "score": 20,
+ "score": 22,
"color": "",
"comment": "",
"enabled": true,
@@ -371,7 +371,7 @@
{
"techniqueID": "T1548",
"tactic": "defense-evasion",
- "score": 20,
+ "score": 22,
"color": "",
"comment": "",
"enabled": true,
@@ -404,7 +404,7 @@
{
"techniqueID": "T1562.001",
"tactic": "defense-evasion",
- "score": 118,
+ "score": 127,
"color": "",
"comment": "",
"enabled": true,
@@ -1053,7 +1053,7 @@
{
"techniqueID": "T1105",
"tactic": "command-and-control",
- "score": 75,
+ "score": 80,
"color": "",
"comment": "",
"enabled": true,
@@ -1119,7 +1119,7 @@
{
"techniqueID": "T1197",
"tactic": "defense-evasion",
- "score": 17,
+ "score": 16,
"color": "",
"comment": "",
"enabled": true,
@@ -1130,7 +1130,7 @@
{
"techniqueID": "T1197",
"tactic": "persistence",
- "score": 17,
+ "score": 16,
"color": "",
"comment": "",
"enabled": true,
@@ -1152,7 +1152,7 @@
{
"techniqueID": "T1204.002",
"tactic": "execution",
- "score": 32,
+ "score": 36,
"color": "",
"comment": "",
"enabled": true,
@@ -1471,7 +1471,7 @@
{
"techniqueID": "T1047",
"tactic": "execution",
- "score": 49,
+ "score": 50,
"color": "",
"comment": "",
"enabled": true,
@@ -1900,7 +1900,7 @@
{
"techniqueID": "T1548.002",
"tactic": "privilege-escalation",
- "score": 54,
+ "score": 56,
"color": "",
"comment": "",
"enabled": true,
@@ -1911,7 +1911,7 @@
{
"techniqueID": "T1548.002",
"tactic": "defense-evasion",
- "score": 54,
+ "score": 56,
"color": "",
"comment": "",
"enabled": true,
@@ -2131,7 +2131,7 @@
{
"techniqueID": "T1059.005",
"tactic": "execution",
- "score": 25,
+ "score": 26,
"color": "",
"comment": "",
"enabled": true,
@@ -2142,7 +2142,7 @@
{
"techniqueID": "T1059.007",
"tactic": "execution",
- "score": 21,
+ "score": 22,
"color": "",
"comment": "",
"enabled": true,
@@ -2263,7 +2263,7 @@
{
"techniqueID": "T1218",
"tactic": "defense-evasion",
- "score": 150,
+ "score": 152,
"color": "",
"comment": "",
"enabled": true,
@@ -2359,6 +2359,28 @@
"links": [],
"showSubtechniques": false
},
+ {
+ "techniqueID": "T1543.003",
+ "tactic": "persistence",
+ "score": 47,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
+ {
+ "techniqueID": "T1543.003",
+ "tactic": "privilege-escalation",
+ "score": 47,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
{
"techniqueID": "T1053.005",
"tactic": "execution",
@@ -2439,7 +2461,7 @@
{
"techniqueID": "T1036.003",
"tactic": "defense-evasion",
- "score": 28,
+ "score": 27,
"color": "",
"comment": "",
"enabled": true,
@@ -2626,7 +2648,7 @@
{
"techniqueID": "T1112",
"tactic": "defense-evasion",
- "score": 92,
+ "score": 95,
"color": "",
"comment": "",
"enabled": true,
@@ -2637,7 +2659,7 @@
{
"techniqueID": "T1112",
"tactic": "persistence",
- "score": 92,
+ "score": 95,
"color": "",
"comment": "",
"enabled": true,
@@ -2692,7 +2714,7 @@
{
"techniqueID": "T1574.001",
"tactic": "persistence",
- "score": 89,
+ "score": 90,
"color": "",
"comment": "",
"enabled": true,
@@ -2703,7 +2725,7 @@
{
"techniqueID": "T1574.001",
"tactic": "privilege-escalation",
- "score": 89,
+ "score": 90,
"color": "",
"comment": "",
"enabled": true,
@@ -2714,7 +2736,7 @@
{
"techniqueID": "T1574.001",
"tactic": "defense-evasion",
- "score": 89,
+ "score": 90,
"color": "",
"comment": "",
"enabled": true,
@@ -2766,6 +2788,17 @@
"links": [],
"showSubtechniques": false
},
+ {
+ "techniqueID": "T1553.005",
+ "tactic": "defense-evasion",
+ "score": 6,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
{
"techniqueID": "T1134",
"tactic": "defense-evasion",
@@ -2788,6 +2821,28 @@
"links": [],
"showSubtechniques": false
},
+ {
+ "techniqueID": "T1546.001",
+ "tactic": "privilege-escalation",
+ "score": 5,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
+ {
+ "techniqueID": "T1546.001",
+ "tactic": "persistence",
+ "score": 5,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
{
"techniqueID": "T1552.002",
"tactic": "credential-access",
@@ -2810,28 +2865,6 @@
"links": [],
"showSubtechniques": false
},
- {
- "techniqueID": "T1543.003",
- "tactic": "persistence",
- "score": 45,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
- {
- "techniqueID": "T1543.003",
- "tactic": "privilege-escalation",
- "score": 45,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
{
"techniqueID": "T1588.002",
"tactic": "resource-development",
@@ -2912,7 +2945,7 @@
{
"techniqueID": "T1564.003",
"tactic": "defense-evasion",
- "score": 7,
+ "score": 8,
"color": "",
"comment": "",
"enabled": true,
@@ -3173,6 +3206,17 @@
"links": [],
"showSubtechniques": false
},
+ {
+ "techniqueID": "T1562.006",
+ "tactic": "defense-evasion",
+ "score": 7,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
{
"techniqueID": "T1059.006",
"tactic": "execution",
@@ -3363,7 +3407,7 @@
{
"techniqueID": "T1547.001",
"tactic": "persistence",
- "score": 38,
+ "score": 39,
"color": "",
"comment": "",
"enabled": true,
@@ -3374,7 +3418,7 @@
{
"techniqueID": "T1547.001",
"tactic": "privilege-escalation",
- "score": 38,
+ "score": 39,
"color": "",
"comment": "",
"enabled": true,
@@ -3943,28 +3987,6 @@
"links": [],
"showSubtechniques": false
},
- {
- "techniqueID": "T1546.001",
- "tactic": "privilege-escalation",
- "score": 3,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
- {
- "techniqueID": "T1546.001",
- "tactic": "persistence",
- "score": 3,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
{
"techniqueID": "T1021.005",
"tactic": "lateral-movement",
@@ -4031,17 +4053,6 @@
"links": [],
"showSubtechniques": false
},
- {
- "techniqueID": "T1562.006",
- "tactic": "defense-evasion",
- "score": 5,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
{
"techniqueID": "T1562.010",
"tactic": "defense-evasion",
@@ -4265,7 +4276,7 @@
{
"techniqueID": "T1554",
"tactic": "persistence",
- "score": 3,
+ "score": 5,
"color": "",
"comment": "",
"enabled": true,
@@ -4328,17 +4339,6 @@
"links": [],
"showSubtechniques": false
},
- {
- "techniqueID": "T1070.006",
- "tactic": "defense-evasion",
- "score": 6,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
{
"techniqueID": "T1547.009",
"tactic": "persistence",
@@ -4493,17 +4493,6 @@
"links": [],
"showSubtechniques": false
},
- {
- "techniqueID": "T1553.005",
- "tactic": "defense-evasion",
- "score": 3,
- "color": "",
- "comment": "",
- "enabled": true,
- "metadata": [],
- "links": [],
- "showSubtechniques": false
- },
{
"techniqueID": "T1497.001",
"tactic": "defense-evasion",
@@ -4570,6 +4559,17 @@
"links": [],
"showSubtechniques": false
},
+ {
+ "techniqueID": "T1070.006",
+ "tactic": "defense-evasion",
+ "score": 6,
+ "color": "",
+ "comment": "",
+ "enabled": true,
+ "metadata": [],
+ "links": [],
+ "showSubtechniques": false
+ },
{
"techniqueID": "T1574.012",
"tactic": "persistence",
diff --git a/other/sigma_attack_nav_coverage.svg b/other/sigma_attack_nav_coverage.svg
index 863b8f6af..e9d88374e 100644
--- a/other/sigma_attack_nav_coverage.svg
+++ b/other/sigma_attack_nav_coverage.svg
@@ -1,2 +1,2 @@
-
\ No newline at end of file
+
\ No newline at end of file