Aligning Defender ATP Alerts to MITRE ATT&CK - Video Demonstration

Many organizations are aligning their detection programs to MITRE's ATT&CK for Enterprise, and others would like to but don't know where to start. In this video, we demonstrate how an organization can prioritize its ATT&CK alignment effort based on alert information it is already receiving, using Microsoft Defender ATP, Logic Apps, and Log Analytics: the alerts Defender ATP already raises carry tactic and technique context, so tallying them by technique shows which parts of the matrix the environment is actually exercising and which alerts still need a manual mapping.
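The tallying step described above, as an added example that is not code from the video or from Optiv. It assumes alert records shaped like the Defender for Endpoint Alerts API, where `category` carries the ATT&CK tactic and `mitreTechniques` carries technique IDs; the alerts themselves are constructed for illustration, and the severity weights are an assumed prioritization scheme, not anything the video prescribes. Alerts with no technique mapping (here, a generic "Malware" category) are reported separately rather than silently dropped, since those are exactly the ones an analyst has to align by hand.

```python
"""Aggregate Defender ATP-style alerts by ATT&CK tactic and technique.

Added example, not part of the original page. Assumed schema: each alert
is a dict with 'id', 'title', 'severity', 'category' (ATT&CK tactic as
used by the Defender for Endpoint Alerts API) and 'mitreTechniques'
(list of technique IDs). Sample alerts below are constructed, not real
telemetry.
"""
from collections import Counter, defaultdict

# Constructed sample alerts (hypothetical IDs and titles).
SAMPLE_ALERTS = [
    {"id": "da1", "title": "Suspicious PowerShell command line",
     "severity": "Medium", "category": "Execution",
     "mitreTechniques": ["T1059.001"]},
    {"id": "da2", "title": "Possible credential dumping via LSASS access",
     "severity": "High", "category": "CredentialAccess",
     "mitreTechniques": ["T1003.001"]},
    {"id": "da3", "title": "Scheduled task created by unusual process",
     "severity": "Low", "category": "Persistence",
     "mitreTechniques": ["T1053.005"]},
    {"id": "da4", "title": "Encoded PowerShell command",
     "severity": "Medium", "category": "Execution",
     "mitreTechniques": ["T1059.001", "T1027"]},
    {"id": "da5", "title": "Malware detected",
     "severity": "Informational", "category": "Malware",
     "mitreTechniques": []},  # no technique mapping: needs manual alignment
]

# Assumed weighting so that a single High alert outranks a few Low ones.
SEVERITY_WEIGHT = {"Informational": 1, "Low": 2, "Medium": 3, "High": 5}


def technique_counts(alerts):
    """Number of alerts referencing each ATT&CK technique ID."""
    counts = Counter()
    for alert in alerts:
        for technique in alert.get("mitreTechniques", []):
            counts[technique] += 1
    return counts


def tactic_counts(alerts):
    """Number of alerts per 'category' (tactic) as reported by the API."""
    return Counter(alert.get("category", "Unknown") for alert in alerts)


def prioritize(alerts):
    """Rank techniques by severity-weighted alert volume.

    Returns a list of (technique, weighted_score, alert_count), highest
    score first; ties broken by count, then technique ID.
    """
    score = defaultdict(int)
    count = Counter()
    for alert in alerts:
        weight = SEVERITY_WEIGHT.get(alert.get("severity"), 1)
        for technique in alert.get("mitreTechniques", []):
            score[technique] += weight
            count[technique] += 1
    return sorted(((t, score[t], count[t]) for t in score),
                  key=lambda row: (-row[1], -row[2], row[0]))


def unmapped_alerts(alerts):
    """IDs of alerts that carry no technique mapping at all."""
    return [alert["id"] for alert in alerts if not alert.get("mitreTechniques")]


if __name__ == "__main__":
    for technique, weighted, n in prioritize(SAMPLE_ALERTS):
        print(f"{technique:<10} score={weighted:<3} alerts={n}")
    print("tactics:", dict(tactic_counts(SAMPLE_ALERTS)))
    print("unmapped:", unmapped_alerts(SAMPLE_ALERTS))
```

Feeding the output of a Logic App that polls the Alerts API into a Log Analytics custom table and running the same grouping there is the workbook approach the three-part series below walks through; the Python above is only the aggregation logic, which is what decides where the alignment effort goes first.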


To learn more about how Microsoft Defender ATP telemetry lets an analyst visualize MITRE ATT&CK tactic and technique context, read through Dan's three-part series:


Microsoft Defender ATP Telemetry: Viewing MITRE ATT&CK Context (Part 1)


Microsoft Defender ATP Telemetry: Azure Log Analytics Workspace (Part 2)


Microsoft Defender ATP Telemetry: Workbook Visualizations (Part 3)


Dan Kiraly
Senior Research Scientist | Optiv
Dan Kiraly is a senior research scientist on Optiv's R&D team. In this role he is responsible for use-case development and the vetting of security products for Optiv.