Skip to main content

Cyware Threat Intelligence eXchange

View Details of a Sub-Technique

Analysts can view the following details for a sub-technique:

  • Alias: View the alias name of the sub-technique. You can view the same in Threat Data which lists all the attack patterns with alias.

  • Basic Details: View the number of indicators, malware, and threat actors identified by CTIX for the selected technique. A MITRE sub-technique in the CTIX application includes information, such as detailed description, platform, data sources, software, last modified date, tactic, and defense bypass. You can also view information about:

    • Procedures performed by an attacker before and after an attack. Procedural information is available for specific sub-techniques only.

    • Methods to mitigate the sub-technique from potential threats by understanding the pattern.

    • Methods to detect a pattern for the sub-technique and control a potential breach in time.

  • Tasks: View and create tasks for the selected sub-technique. For more information, see Add a Task for a Technique

  • References: View the list of URLs related to the selected sub-technique.

  • Notes: View and add notes for the selected sub-technique. For more information, see Create a Note for ATT&CK Navigator Technique.

Steps

To view the details of the sub-technique, follow these steps:

  1. Go to Main Menu > Analysis > ATT&CK Navigator.

  2. Select a layer.

  3. Expand the technique to view the associated sub-techniques.

  4. Select the sub-technique to view the details. Click Open in Threat Data to view details in Threat Data.