Mitre Att&ck Heatmap
The Mitre Att&ck Heatmap in Attack Path Analysis provides a holistic view of your data based on tactics and techniques from Mitre Att&ck.
Attack Path Analysis presents the Mitre Att&ck data in a table format that enables you to quickly prioritize and remediate critical vulnerabilities that are most relevant to your organization.
To access Mitre Att&ck Heatmap:
-
In Attack Path Analysis, click the Att&ck tab.
The Mitre Att&ck Heatmap page appears.
-
Do one of the following:
-
To view data based on Enterprise tactics and techniques, in the left panel, click the Enterprise tab.
-
(Optional) Filter the table by platform type by selecting one of the available filters:
-
PRE
-
Windows
-
MacOS
-
Linux
-
Cloud
-
Containers
-
-
-
To view data based on ICS (Industrial Critical Systems) tactics and techniques, in the left panel, click the ICS tab.
-
Attack Path Analysis displays the relevant Mitre Att&ck data in a table format that includes the following details:
-
Each column in the Mitre Att&ck Heatmap table represents an enterprise tactic and its techniques. The column header shows the name of the enterprise tactic and the column shows its associated techniques.
For example, Gather Victim Host Information, Gather Victim Identity Information, and so on are enterprise techniques related to Reconnaissance enterprise tactic.
-
Table cells are color-coded to indicate the following information:
-
Gray — Tenable does not currently support these techniques.
-
White — While Tenable supports these techniques and detects them, they are not relevant to your organization.
-
The following image shows the colors that represent Critical, High, Medium, and Low.
Click on a cell to view findings or attack paths for a technique:
-
Click the button.
A list of sub-techniques appears.
Note: If there are no sub-techniques for a technique, only the icon is available. -
Click the button:
A menu appears with these options.
-
Findings — Navigate to the Findings page to view findings filtered by the selected technique or sub-technique.
-
Discover — Navigate to the Discover page to view all possible attack paths for the selected technique or sub-technique.
Tip: Each menu option includes the number of findings / attack paths available for the selected technique or sub-technique.
-
-
Teal (Not leading to Critical Asset) — These techniques do not lead to critical assets.
-
When viewing the Mitre ATT&CK page, you can do the following:
-
Use the Search bar at the top of the table to search for specific techniques or sub-techniques.
-
Click the Show All Techniques toggle to view only the cells that are color-coded by severity. This hides the white and gray cells in the heatmap table and shows only the techniques relevant to your organization.
-
Click on a severity level to filter the page by severity.