[Rule Tuning] Add Supplemental Mitre Mappings (#5876)

---------

Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
Co-authored-by: Isai <59296946+imays11@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>

rules/linux/persistence_git_hook_process_execution.toml

@@ -2,7 +2,7 @@
 creation_date = "2024/06/26"
 integration = ["endpoint", "crowdstrike", "sentinel_one_cloud_funnel"]
 maturity = "production"
-updated_date = "2025/12/22"
+updated_date = "2026/03/24"
 
 [rule]
 author = ["Elastic"]
@@ -132,6 +132,11 @@ id = "T1543"
 name = "Create or Modify System Process"
 reference = "https://attack.mitre.org/techniques/T1543/"
 
+[[rule.threat.technique]]
+id = "T1546"
+name = "Event Triggered Execution"
+reference = "https://attack.mitre.org/techniques/T1546/"
+
 [[rule.threat.technique]]
 id = "T1574"
 name = "Hijack Execution Flow"