View the MITRE Matrix Related to a Sample
EVE maps all the tactics, techniques, and sub-techniques associated with each sample based on the malicious, suspicious, and informative behavior activities observed in a sandbox environment.
By analyzing the behavioral patterns of these samples in a controlled setting, EVE is able to correlate specific actions with the corresponding tactics and techniques as defined by frameworks like MITRE ATT&CK.
This detailed mapping enables organizations to gain a comprehensive understanding of how a particular threat operates, from initial access to execution and persistence, providing valuable insights into the adversarial behaviors and allowing for targeted enhancements to their security defenses.
The MITRE link shows the MITRE table of the threat or artifact, including its tactics, techniques, and sub-techniques, as shown below:
EVE provides access to its coverage of the MITRE ATT&CK framework in the web interface. For each emulation and package, the MITRE ATT&CK tactics are presented, and for each sample a link to the MITRE ATT&CK Matrix is presented.
This view shows a map of all the phases that the sample could use during the attack.
To view the MITRE table related to a sample, follow the steps below:
Click on the button and a new browser tab will open the MITRE ATT&CK Matrix. For more information, visit https://github.com/mitre-attack/attack-navigator.
From the Threat Library tab, find the icon in the Actions column.
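To work with this kind of mapping outside the web interface, the added example below (not EVE code) collapses behavior records into an ATT&CK Navigator layer, scoring each technique by the worst severity observed. The record shape, sample values, colors and version strings are assumptions; EVE's own export format is not described on this page.

```python
import json
import re

# Severity classes named on the page, ranked so the worst observation wins.
SEVERITY_SCORE = {"informative": 1, "suspicious": 2, "malicious": 3}
TECHNIQUE_ID = re.compile(r"^T\d{4}(\.\d{3})?$")

# Constructed sample records (hypothetical shape, not EVE's export format).
SAMPLE_BEHAVIORS = [
    {"technique": "T1059.001", "tactic": "execution", "severity": "suspicious",
     "note": "PowerShell started by a document viewer"},
    {"technique": "T1059.001", "tactic": "execution", "severity": "malicious",
     "note": "encoded PowerShell command line"},
    {"technique": "T1547.001", "tactic": "persistence", "severity": "malicious",
     "note": "Run key written"},
    {"technique": "T1082", "tactic": "discovery", "severity": "informative",
     "note": "OS version queried"},
    {"technique": "not-an-id", "tactic": "execution", "severity": "malicious",
     "note": "malformed record"},
]


def build_layer(behaviors, name="sample behaviors"):
    """Return (layer, rejected): one entry per (technique, tactic) with the
    highest severity seen, plus the records that failed validation."""
    merged, rejected = {}, []
    for b in behaviors:
        tid, tactic = b.get("technique", ""), b.get("tactic", "")
        score = SEVERITY_SCORE.get(b.get("severity"))
        if not TECHNIQUE_ID.match(tid) or not tactic or score is None:
            rejected.append(b)  # surface bad input instead of dropping it
            continue
        entry = merged.setdefault((tactic, tid), {
            "techniqueID": tid, "tactic": tactic, "score": 0, "comment": ""})
        entry["score"] = max(entry["score"], score)
        entry["comment"] = "; ".join(filter(None, [entry["comment"], b.get("note", "")]))
    layer = {
        "name": name,
        "domain": "enterprise-attack",
        # Assumed version strings; match them to your Navigator instance.
        "versions": {"attack": "14", "navigator": "4.9.1", "layer": "4.5"},
        "techniques": [merged[k] for k in sorted(merged)],
        "gradient": {"colors": ["#ffe766", "#ff9f40", "#ff6666"],
                     "minValue": 1, "maxValue": 3},
    }
    return layer, rejected


if __name__ == "__main__":
    layer, rejected = build_layer(SAMPLE_BEHAVIORS)
    print(json.dumps(layer, indent=2))
    print(f"rejected records: {len(rejected)}")
```

Saved to a file, the printed JSON can be opened as an existing layer in ATT&CK Navigator, where the score gradient separates informative, suspicious and malicious observations.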