sigma-rules/docs/ATT&CK-coverage.md
2024-11-08 20:27:04 +05:30

Rule coverage

ATT&CK navigator layer files are generated when a package is built with make release or python -m detection-rules. This also means they can be downloaded from all successful builds.

These files can be passed to a custom navigator session. For convenience, the links are generated below. You can also load multiple layers across tabs in a single session, though it is not advisable to upload all of them, as doing so will likely overload your browser's resources.

Current rule coverage

The source files for these links are regenerated with every successful merge to main. These represent coverage from the state of rules in the main branch.

Full coverage: ATT&CK navigator coverage

Coverage by platform: navigator

Other navigator links by rule attributes
Elastic-detection-rules-indexes-
Elastic-detection-rules-indexes-apm-WILDCARD-transactionWILDCARD
Elastic-detection-rules-indexes-auditbeat-WILDCARD
Elastic-detection-rules-indexes-endgame-WILDCARD
Elastic-detection-rules-indexes-filebeat-WILDCARD
Elastic-detection-rules-indexes-logs-WILDCARD
Elastic-detection-rules-indexes-logs-auditd_manager
Elastic-detection-rules-indexes-logs-aws
Elastic-detection-rules-indexes-logs-azure
Elastic-detection-rules-indexes-logs-azureWILDCARD
Elastic-detection-rules-indexes-logs-cloud_defendWILDCARD
Elastic-detection-rules-indexes-logs-crowdstrike
Elastic-detection-rules-indexes-logs-cyberarkpas
Elastic-detection-rules-indexes-logs-endpoint
Elastic-detection-rules-indexes-logs-endpointWILDCARD
Elastic-detection-rules-indexes-logs-fim
Elastic-detection-rules-indexes-logs-gcpWILDCARD
Elastic-detection-rules-indexes-logs-github
Elastic-detection-rules-indexes-logs-google_workspaceWILDCARD
Elastic-detection-rules-indexes-logs-jamf_protectWILDCARD
Elastic-detection-rules-indexes-logs-kubernetes
Elastic-detection-rules-indexes-logs-m365_defender
Elastic-detection-rules-indexes-logs-network_traffic
Elastic-detection-rules-indexes-logs-o365
Elastic-detection-rules-indexes-logs-o365WILDCARD
Elastic-detection-rules-indexes-logs-okta
Elastic-detection-rules-indexes-logs-oktaWILDCARD
Elastic-detection-rules-indexes-logs-panw
Elastic-detection-rules-indexes-logs-sentinel_one_cloud_funnel
Elastic-detection-rules-indexes-logs-system
Elastic-detection-rules-indexes-logs-windows
Elastic-detection-rules-indexes-metrics-WILDCARD
Elastic-detection-rules-indexes-ml_beaconing
Elastic-detection-rules-indexes-packetbeat-WILDCARD
Elastic-detection-rules-indexes-traces-WILDCARD
Elastic-detection-rules-indexes-traces-apmWILDCARD
Elastic-detection-rules-indexes-winlogbeat-WILDCARD
Elastic-detection-rules-tags-active-directory-monitoring
Elastic-detection-rules-tags-active-directory
Elastic-detection-rules-tags-amazon-ec2
Elastic-detection-rules-tags-amazon-route53
Elastic-detection-rules-tags-amazon-s3
Elastic-detection-rules-tags-amazon-web-services
Elastic-detection-rules-tags-apm
Elastic-detection-rules-tags-asset-visibility
Elastic-detection-rules-tags-auditd-manager
Elastic-detection-rules-tags-aws-cloudtrail
Elastic-detection-rules-tags-aws-cloudwatch
Elastic-detection-rules-tags-aws-ec2
Elastic-detection-rules-tags-aws-iam
Elastic-detection-rules-tags-aws-kms
Elastic-detection-rules-tags-aws-lambda
Elastic-detection-rules-tags-aws-rds
Elastic-detection-rules-tags-aws-route53
Elastic-detection-rules-tags-aws-s3
Elastic-detection-rules-tags-aws-secrets-manager
Elastic-detection-rules-tags-aws-service-quotas
Elastic-detection-rules-tags-aws-sign-in
Elastic-detection-rules-tags-aws-signin
Elastic-detection-rules-tags-aws-sns
Elastic-detection-rules-tags-aws-ssm
Elastic-detection-rules-tags-aws-sts
Elastic-detection-rules-tags-aws-systems-manager
Elastic-detection-rules-tags-aws
Elastic-detection-rules-tags-azure
Elastic-detection-rules-tags-bbr
Elastic-detection-rules-tags-bpfdoor
Elastic-detection-rules-tags-c2-beaconing-detection
Elastic-detection-rules-tags-cloud
Elastic-detection-rules-tags-cobalt-strike
Elastic-detection-rules-tags-collection
Elastic-detection-rules-tags-command-and-control
Elastic-detection-rules-tags-configuration-audit
Elastic-detection-rules-tags-container
Elastic-detection-rules-tags-credential-access
Elastic-detection-rules-tags-crowdstrike
Elastic-detection-rules-tags-cyberark-pas
Elastic-detection-rules-tags-data-exfiltration-detection
Elastic-detection-rules-tags-defense-evasion
Elastic-detection-rules-tags-discovery
Elastic-detection-rules-tags-domain-generation-algorithm-detection
Elastic-detection-rules-tags-elastic-defend-for-containers
Elastic-detection-rules-tags-elastic-defend
Elastic-detection-rules-tags-elastic-endgame
Elastic-detection-rules-tags-endpoint
Elastic-detection-rules-tags-entra-id-sign-in
Elastic-detection-rules-tags-entra-id
Elastic-detection-rules-tags-execution
Elastic-detection-rules-tags-exfiltration
Elastic-detection-rules-tags-file-integrity-monitoring
Elastic-detection-rules-tags-gcp
Elastic-detection-rules-tags-github
Elastic-detection-rules-tags-google-cloud-platform
Elastic-detection-rules-tags-google-workspace
Elastic-detection-rules-tags-higher-order-rule
Elastic-detection-rules-tags-identity-and-access-audit
Elastic-detection-rules-tags-impact
Elastic-detection-rules-tags-initial-access
Elastic-detection-rules-tags-investigation-guide
Elastic-detection-rules-tags-jamf-protect
Elastic-detection-rules-tags-kubernetes
Elastic-detection-rules-tags-lateral-movement-detection
Elastic-detection-rules-tags-lateral-movement
Elastic-detection-rules-tags-lightning-framework
Elastic-detection-rules-tags-linux
Elastic-detection-rules-tags-living-off-the-land-attack-detection
Elastic-detection-rules-tags-log-auditing
Elastic-detection-rules-tags-machine-learning
Elastic-detection-rules-tags-macos
Elastic-detection-rules-tags-microsoft-365
Elastic-detection-rules-tags-microsoft-defender-for-endpoint
Elastic-detection-rules-tags-microsoft-entra-id
Elastic-detection-rules-tags-ml
Elastic-detection-rules-tags-network-security-monitoring
Elastic-detection-rules-tags-network
Elastic-detection-rules-tags-okta
Elastic-detection-rules-tags-orbit
Elastic-detection-rules-tags-pan-os
Elastic-detection-rules-tags-persistence
Elastic-detection-rules-tags-powershell-logs
Elastic-detection-rules-tags-privilege-escalation
Elastic-detection-rules-tags-reconnaissance
Elastic-detection-rules-tags-resource-development
Elastic-detection-rules-tags-rootkit
Elastic-detection-rules-tags-saas
Elastic-detection-rules-tags-sentinelone
Elastic-detection-rules-tags-sysmon
Elastic-detection-rules-tags-system
Elastic-detection-rules-tags-threat-detection
Elastic-detection-rules-tags-triplecross
Elastic-detection-rules-tags-ueba
Elastic-detection-rules-tags-vulnerability
Elastic-detection-rules-tags-windows
Elastic-detection-rules-tags-zoom