- Get Started with Outcomes Navigator
- Use Outcomes Navigator from a MITRE ATT&CK® Perspective
- Use Outcomes Navigator from a Threat Detection, Investigation, and Response (TDIR) Use Case Categories Perspective
- View Recommendations for Improving Your Configuration
- Share Information in Outcomes Navigator
- Outcomes Navigator Coverage Calculation
- Outcomes Navigator Parser Calibration Tier Average Calculation
Assess Your Current Configuration Using the MITRE ATT&CK® Framework
Understand how well your environment is configured to protect against a specific MITRE ATT&CK® technique.[5]
[5] MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation ("MITRE"). Exabeam is not affiliated with or sponsored or endorsed by MITRE. Nothing herein is a representation of the views or opinions of MITRE or its personnel.
Under the View Outcomes by MITRE ATT&CK® Tactics and Techniques > Organizational Coverage tab, get details on the state of your configuration. Find more resources about the ATT&CK technique, view the products you configured that provide data for related Exabeam applications and features, and learn what Exabeam applications and features your current configuration enables.
To navigate to the Organizational Coverage tab, in Explore Exabeam Content Through These Portals, hover over an ATT&CK technique, then click See Details.
Choose an ATT&CK technique to assess
To choose an ATT&CK technique, under MITRE ATT&CK Tactic, select an ATT&CK tactic you want to assess or All tactics, then select a technique.
 |
Summarize your configuration
At a glance, understand how well your environment is configured to protect against the ATT&CK technique:
Under MITRE Coverage, view the MITRE Coverage Score for the ATT&CK technique.
Under Coverage Over Time, view the MITRE Coverage Score for the ATT&CK technique over the past six months or weeks. To learn why your score may have increased or decreased, hover over the bar for that month or week. The chart updates at the end of each month or week. To toggle between weekly or monthly scores, click Last 6 months or Last 6 weeks.
Under Product Categories, view the number of recommended product categories for which you configured a product out of the total recommended product categories.
Under Resources, find resources, including what the technique is and an explainer on the ATT&CK framework.
Under Use Cases, view the Exabeam use cases to which the ATT&CK technique is related.
View the features your configuration enables
Under <ATT&CK Technique> Outcomes, view the Exabeam features and applications your configured products enable, including Dashboards, default and custom Advanced Analytics rules, and Correlation Rules.
For each feature, view how well your configuration enables the feature to address the given ATT&CK technique, also known as your coverage. The level of coverage from None to Best is calculated differently for each feature.
To view more details about what's enabled for each feature, click View <feature>. For example, to view which dashboards have all the data they need to be complete, click View Dashboards. For Advanced Analytics rules and Correlation Rules, you can also view whether rules are satisfied under the ALL FIELDS SEEN column, and whether the rule is enabled or disabled under the ENABLED column.
If you see gaps in your coverage, follow recommendations to improve your coverage directly in Outcomes Navigator.
View configured products
Under ATT&CK Technique > Product Categories, view a table of the product categories you need to provide data for related Exabeam features and applications, sorted by importance. Under the Products Configured column, view the products you configured under each product category and their Parser Calibration Tier Average.
[5] MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation ("MITRE"). Exabeam is not affiliated with or sponsored or endorsed by MITRE. Nothing herein is a representation of the views or opinions of MITRE or its personnel.