MITRE ATT&CK Sub-Technique Update - Solves Issue #5279 (#5280)

* Resolves Issue #5279 * Corrected the "updated_date" value * Put the technique and sub-technique in the correct location --------- Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
2025-11-11 16:26:14 +01:00
parent 32fb003781
commit da9bfd0abc
1 changed files with 10 additions and 2 deletions
@@ -2,7 +2,7 @@
 creation_date = "2020/11/04"
 integration = ["endpoint", "sentinel_one_cloud_funnel"]
 maturity = "production"
-updated_date = "2025/09/04"
+updated_date = "2025/11/04"

 [transform]
 [[transform.investigate]]
@@ -344,7 +344,14 @@ id = "T1568.002"
 name = "Domain Generation Algorithms"
 reference = "https://attack.mitre.org/techniques/T1568/002/"

-
+[[rule.threat.technique]]
+id = "T1090"
+name = "Proxy"
+reference = "https://attack.mitre.org/techniques/T1090/"
+[[rule.threat.technique.subtechnique]]
+id = "T1090.002"
+name = "External Proxy"
+reference = "https://attack.mitre.org/techniques/T1090/002/"

 [rule.threat.tactic]
 id = "TA0011"
@@ -352,6 +359,7 @@ name = "Command and Control"
 reference = "https://attack.mitre.org/tactics/TA0011/"
 [[rule.threat]]
 framework = "MITRE ATT&CK"
+
 [[rule.threat.technique]]
 id = "T1567"
 name = "Exfiltration Over Web Service"