Skip to content

Detection graph

Jump to bottom
ruben edited this page Nov 1, 2023 · 9 revisions

The recorded dates on when new detections are implemented can be used to generate a graph on the number of detections added through time.

To generate a graph based on the techniques administration file, you can run the below command. Showing the improvement (also for visibility) within a MITRE ATT&CK Navigator layer is also possible. More info can be found here.

python dettect.py d -ft sample-data/techniques-administration-endpoints.yaml -g
DeTT&CT - Data sources graph

Overview

  1. Home
  2. Introduction
  3. Installation and requirements
  4. Getting started / How to
  5. Changelog
  6. Future developments
  7. ICS - Inconsistencies

Data sources

  1. Introduction
  2. DeTT&CT data sources
  3. Data sources per platform
  4. Data quality
  5. Scoring data quality
  6. Improvement graph

Visibility Coverage

  1. Introduction
  2. Scoring visibility
  3. Improvement graph

Detection coverage

  1. Introduction
  2. Scoring detection
  3. Improvement graph

Threat actor group mapping

  1. Introduction

YAML administration files

  1. Introduction
  2. Data sources
  3. Techniques
  4. Groups
  5. DeTT&CT Editor
Clone this wiki locally