These new features assists the SOC manager in improving his security posture by providing visibility on his current detection efforts
and identifying detection gaps
with the MITRE matrix. The SOC manager can now improve his detection efforts by selecting new datasources to connect to Sekoia.
The previous MITRE preview was mostly static and represented enabled rules in the catalog. But it was not a representation of the actual rules that had compatible events to monitor. The MITRE preview did not represent the effective detection efforts of the SOC manager. Finally, filtering detection rules by intakes was not possible.
Configured intakes
and visualize your current detection efforts in the MITRE previewnew intakes
to run simulations with the MITRE matrix to improve your security posturecompatible
with this rule