MITRE ATT&CK Matrix
The MITRE ATT&CK page provides an interactive visualization of your detection coverage mapped to the MITRE ATT&CK framework. It helps security teams identify coverage gaps and prioritize detection rule development.
Views
Matrix View
A full ATT&CK matrix showing all 14 tactics with their techniques as a heatmap grid:
- Green cells: Techniques with active detection rules
- Gray cells: Techniques without coverage (gaps)
- Color intensity: Based on detection count (more detections = brighter)
List View
A tabular view showing each tactic with:
- Total techniques and covered count
- Coverage percentage with color coding
- Detection count per tactic
- Mini heatmap showing individual technique coverage
Coverage Statistics
| Metric | Description |
|---|---|
| Technique Coverage | Percentage of ATT&CK techniques with at least one detection rule |
| Sub-technique Coverage | Coverage at the sub-technique level |
| Uncovered Techniques | Number of gaps to address |
| Total Detections | Active detection rules mapped to ATT&CK |
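The four statistics above and the per-tactic counts from the List View, computed over a small rule set. This is an added example, not the product's own code: the matrix slice, rule names and fields are constructed, and it assumes that a rule tagged with a sub-technique also counts toward the parent technique and that disabled or untagged rules are ignored.

```python
from collections import Counter

# Constructed slice of ATT&CK: tactic -> technique -> sub-techniques (real IDs, trimmed).
MATRIX = {
    "Execution": {"T1059": ["T1059.001", "T1059.003"], "T1053": ["T1053.005"]},
    "Persistence": {"T1053": ["T1053.005"], "T1547": ["T1547.001"]},
    "Credential Access": {"T1003": ["T1003.001"], "T1110": ["T1110.003"]},
}

# Constructed detection rules; names and fields are hypothetical.
RULES = [
    {"name": "encoded-powershell", "active": True, "techniques": ["T1059.001"]},
    {"name": "cmd-from-office", "active": True, "techniques": ["T1059", "T1059.003"]},
    {"name": "schtasks-create", "active": True, "techniques": ["T1053.005"]},
    {"name": "lsass-access", "active": False, "techniques": ["T1003.001"]},  # disabled
    {"name": "untagged-rule", "active": True, "techniques": []},  # no ATT&CK mapping
]

def coverage(matrix, rules):
    """Compute the four coverage statistics plus a per-tactic rollup."""
    mapped = [r for r in rules if r["active"] and r["techniques"]]
    hits = Counter()  # technique / sub-technique ID -> number of active rules
    for rule in mapped:
        # Assumption: a sub-technique tag also covers its parent technique.
        ids = set(rule["techniques"]) | {t.split(".")[0] for t in rule["techniques"]}
        hits.update(ids)
    techniques = {t for techs in matrix.values() for t in techs}
    subs = {s for techs in matrix.values() for sl in techs.values() for s in sl}
    pct = lambda part, whole: round(100 * len(part) / len(whole), 1) if whole else 0.0
    covered = {t for t in techniques if hits[t]}
    return {
        "technique_coverage": pct(covered, techniques),
        "subtechnique_coverage": pct({s for s in subs if hits[s]}, subs),
        "uncovered_techniques": sorted(techniques - covered),
        "total_detections": len(mapped),
        "detections_per_technique": {t: hits[t] for t in sorted(covered)},
        # A technique listed under several tactics (T1053 here) counts in each one.
        "per_tactic": {tac: (sum(1 for t in techs if hits[t]), len(techs))
                       for tac, techs in matrix.items()},
    }

if __name__ == "__main__":
    for key, value in coverage(MATRIX, RULES).items():
        print(f"{key}: {value}")
```

The disabled `lsass-access` rule is why T1003 shows up as a gap here: a rule that exists but is not active does not turn a cell green under these assumptions.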
Investigation Panel
Click any technique to open a detail panel showing:
- Technique ID, name, and description
- Coverage status and detection count
- Sub-techniques with individual coverage status
- Data sources required for detection
- Supported platforms
- Links to:
  - MITRE ATT&CK website for the technique
  - Related detections in your environment
  - Associated detection rules
Filtering
- Search: Find techniques by ID or name (e.g., “T1059” or “Command”)
- Coverage filter: Show All, Covered only, or Uncovered only (gap analysis)
Access Requirements
The MITRE ATT&CK matrix requires the Respond (MDR) tier or above.