Viewing MITRE Compliance
The Policy Audit application leverages MITRE’s ATT&CK® framework for cybersecurity. MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
View MITRE ATT&CKCK® Compliance Posture
The MITRE compliance score helps you to evaluate your organization's adherence to the MITRE ATT&CK® framework. You can view the compliance score for the MITRE tactics, techniques, sub-techniques, and the number of assets, controls, and control instances. The MITRE ATT&CK EXPOSURE graph at the top displays a graphical presentation of the Mitre compliance data (posture count for passed and failed associated with Mitre).
To view the compliance by control:
-
Go to Posture > Controls.
-
Click Group By > MITRE ATT&CKpan> and then select any one of the following Group By options to filter out the posture records to understand MITRE compliance.
-
Tactic: Displays compliance posture data based on MITRE tactics.
-
Technique: Displays compliance posture data based on MITRE technique.
-
Sub-Technique: Displays compliance posture data based on MITRE sub-technique.
View MITRE ATT&CK® Compliance Posture Details
The MITRE ATT&CK® compliance posture details provide detailed information about the MITRE tactics, techniques, and sub-techniques associated with the control. By understanding these compliance posture details, you can validate your organization’s adherence to MITRE compliance. The posture details comprise:
-
TACTICS: It displays tactic names, techniques and sub-techniques associated with the control of the posture.
A control can be associated with one or multiple techniques. Each technique, in turn, is associated with one or more sub-techniques.
-
MITIGATIONS: It displays the list of mitigation associated with control.
To view MITRE ATT&CK® posture details:
-
Go to the Posture tab.
-
On the Posture tab, select a control you are interested in and select View Posture Details from the Quick Action menu.
Click the Mitre Attack tab, the information appears as shown in the following image: