Inopli Documentation

Managing MITRE


Last updated 1 year ago

The MITRE ATT&CK® (Adversarial Tactics, Techniques, and Common Knowledge) is a well-known global framework used for understanding and categorizing tactics, techniques, and procedures (TTPs) associated with cyber threats.

In Inopli, it is integrated into a dynamic and adaptable dashboard for security system administrators. This control panel offers an interactive interface, allowing administrative users to add or remove techniques and sub-techniques from the MITRE ATT&CK framework. This functionality is crucial for keeping the system's database aligned with the latest strategies and changes in the cyber threat landscape.

When a new technique is added to the system through the dashboard, it becomes immediately available for use in various functions. This includes application in correlation rules, which are essential for detecting and responding to incidents. Additionally, the newly included technique is also integrated into the MITRE coverage indicator generator, to evaluate the effectiveness of the implemented security measures.

Including updated techniques and sub-techniques improves security, as it allows administrators to keep up with emerging trends in cyber attacks.

This approach ensures that the team not only keeps its threat database updated, but also strengthens its ability to prevent, detect, and respond to security incidents more effectively.


Creating a Technique

To ensure that the documentation always remains up-to-date, the team has the ability to add new techniques and/or sub-techniques, as well as to delete those that are no longer necessary. In the addition process, a detailed form is used, in which all essential information is requested for the accurate mapping of a new technique, sub-technique, and its respective version. This procedure ensures that each entry is complete, thus facilitating the management and location of information within the system.


Overview of the MITRE ATT&CK Matrix
Create a Technique