- Get Started with Outcomes Navigator
- Use Outcomes Navigator with the MITRE ATT&CK® Framework
- Use Outcomes Navigator with the Threat Detection, Investigation, and Response (TDIR) Use Case Categories Framework
- Use Outcomes Navigator for Compliance
- View Recommendations for Improving Your Configuration
- Share Information in Outcomes Navigator
- Outcomes Navigator Coverage Calculation
- The Role of Parsed Fields in Coverage Calculation
- Prerequisites for Calculating Coverage
- Types of Coverage Scores
- Use Case Coverage Score
- MITRE Coverage Score
- Compliance Framework Coverage Score
- Control Coverage Score
- Advanced Analytics Rules Coverage Calculation
- Correlation Rules Coverage Calculation
- Dashboards Coverage Calculation
- Coverage Over Time Calculation
- Outcomes Navigator Parser Calibration Tier Average Calculation
Use Outcomes Navigator with the MITRE ATT&CK® Framework
View, assess, and improve your configuration using the MITRE ATT&CK® framework.
You can use Outcomes Navigator with a Exabeam Threat Detection, Investigation, and Response (TDIR) Use Case Categories framework, various compliance frameworks, or the MITRE ATT&CK® framework.
If you decide to use Outcomes Navigator with the MITRE ATT&CK® framework, ensure you're familiar with ATT&CK. Consider reviewing MITRE resources about ATT&CK and taking the Using ATT&CK for Cyber Threat Intelligence training.[4]
To begin using Outcomes Navigator with the MITRE ATT&CK® framework, customize your frameworks and select MITRE ATT&CK® Coverage.
You can then get a high-level view of your overall ATT&CK coverage, explore all ATT&CK tactics and techniques, and determine which ones your configuration should focus on to achieve your goals. Then, for an ATT&CK technique of interest, assess the current state of your configuration and where there are gaps. Finally, view recommendations for improving your configuration. You can view recommendations only if you have a license that includes Advanced Analytics.
Understand Your Overall MITRE ATT&CK® Coverage
To create a strategy for configuring your environment, get an overview of your overall ATT&CK coverage in Outcomes Navigator.
Assess Configuration Efficacy for a MITRE ATT&CK® Technique
Understand how well your environment is configured to protect against a specific ATT&CK technique.
View Recommendations for Improving Your Configuration
After you assess the current configuration of your environment, follow recommended steps to fill the gaps.
[4] MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation ("MITRE"). Exabeam is not affiliated with or sponsored or endorsed by MITRE. Nothing herein is a representation of the views or opinions of MITRE or its personnel.