sigma-rules/docs/ATT&CK-coverage.md
2022-03-04 08:45:55 -09:00

Rule coverage

ATT&CK navigator layer files are generated when a package is built with make release or python -m detection-rules. This also means they can be downloaded from all successful builds.

These files can be passed to a custom navigator session. For convenience, the links are generated below. You can also load multiple layers across tabs in a single session, though it is not advisable to upload all of them, as doing so will likely overload your browser's resources.

Current rule coverage

The source files for these links are regenerated with every successful merge to main. These represent coverage from the state of rules in the main branch.

Full coverage: ATT&CK navigator coverage

Coverage by platform: navigator

Other navigator links by rule attributes
Elastic-detection-rules-indexes-auditbeat-WILDCARD
Elastic-detection-rules-indexes-filebeat-WILDCARD
Elastic-detection-rules-indexes-logs-WILDCARD
Elastic-detection-rules-indexes-logs-awsWILDCARD
Elastic-detection-rules-indexes-logs-azureWILDCARD
Elastic-detection-rules-indexes-logs-cyberarkpas
Elastic-detection-rules-indexes-logs-endpoint
Elastic-detection-rules-indexes-logs-gcpWILDCARD
Elastic-detection-rules-indexes-logs-google_workspaceWILDCARD
Elastic-detection-rules-indexes-logs-o365WILDCARD
Elastic-detection-rules-indexes-logs-oktaWILDCARD
Elastic-detection-rules-indexes-logs-system
Elastic-detection-rules-indexes-logs-windows
Elastic-detection-rules-indexes-metrics-WILDCARD
Elastic-detection-rules-indexes-packetbeat-WILDCARD
Elastic-detection-rules-indexes-traces-WILDCARD
Elastic-detection-rules-indexes-winlogbeat-WILDCARD
Elastic-detection-rules-tags-active-directory
Elastic-detection-rules-tags-application
Elastic-detection-rules-tags-asset-visibility
Elastic-detection-rules-tags-aws
Elastic-detection-rules-tags-azure
Elastic-detection-rules-tags-cloud
Elastic-detection-rules-tags-collection
Elastic-detection-rules-tags-command-and-control
Elastic-detection-rules-tags-communication
Elastic-detection-rules-tags-configuration-audit
Elastic-detection-rules-tags-continuous-monitoring
Elastic-detection-rules-tags-credential-access
Elastic-detection-rules-tags-cyberarkpas
Elastic-detection-rules-tags-data-protection
Elastic-detection-rules-tags-defense-evasion
Elastic-detection-rules-tags-discovery
Elastic-detection-rules-tags-elastic
Elastic-detection-rules-tags-execution
Elastic-detection-rules-tags-gcp
Elastic-detection-rules-tags-google-workspace
Elastic-detection-rules-tags-gtfobins
Elastic-detection-rules-tags-host
Elastic-detection-rules-tags-identity-and-access
Elastic-detection-rules-tags-identity
Elastic-detection-rules-tags-impact
Elastic-detection-rules-tags-initial-access
Elastic-detection-rules-tags-lateral-movement
Elastic-detection-rules-tags-linux
Elastic-detection-rules-tags-log-auditing
Elastic-detection-rules-tags-macos
Elastic-detection-rules-tags-microsoft-365
Elastic-detection-rules-tags-ml
Elastic-detection-rules-tags-monitoring
Elastic-detection-rules-tags-network-security
Elastic-detection-rules-tags-network
Elastic-detection-rules-tags-okta
Elastic-detection-rules-tags-persistence
Elastic-detection-rules-tags-post-execution
Elastic-detection-rules-tags-privilege-escalation
Elastic-detection-rules-tags-secops
Elastic-detection-rules-tags-threat-detection
Elastic-detection-rules-tags-windows
Elastic-detection-rules-tags-zoom