Skip to main content

Outcomes NavigatorOutcomes Navigator Guide

Outcomes Navigator Coverage

Learn how Outcomes Navigator defines coverage.

In Outcomes Navigator, coverage is a metric of how well your environment is configured to address a given use case or MITRE ATT&CK® technique. Coverage may refer to how well your environment is configured as a whole or how well your environment is configured to enable specific features or applications.[2]

Coverage is determined by the amount and quality of data your environment receives. For your environment to address a given use case, it must receive data relevant to the use case, receive an adequate amount of data for the coverage level you want, and parse the data. To improve your coverage, you configure more products in product categories relevant to the use case or ATT&CK technique; the more relevant products you configure, the more relevant data your environment receives, and the more coverage your environment has for the use case or ATT&CK technique.

Coverage is measured by levels from None, Good, Better, to Best depending on the amount of relevant data your environment receives. No coverage means your environment is poorly configured to address a use case or ATT&CK technique; your environment doesn't receive any data relevant to the use case or ATT&CK technique. Best coverage means your environment is optimally configured to address a use case or ATT&CK technique; your environment receives a lot of data relevant to the use case or ATT&CK technique.



[2] MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation ("MITRE"). Exabeam is not affiliated with or sponsored or endorsed by MITRE. Nothing herein is a representation of the views or opinions of MITRE or its personnel.