Not an endpoint, but when you have the Tactic or Technique you can use that in a URL to get extra data: https://attack.mitre.org/techniques/T1059/009/
Tools supplied by mitre: https://attack.mitre.org/resources/attack-data-and-tools/
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello,
Greetings of the day
We are using the below endpoint to collect the alerts. These alerts consist of a wide range of data including mitreTechniques. Further, I would like to know if it is possible to extract more information about Mitre Attacks fields like mitre_tactic_id mitre_technique_id mitre_tactic mitre_technique,mitre_subTechnique.
Also, We would be grateful to know if there is any other endpoint to extract above information for the respective alerts.
Endpoint: https://api-us3.securitycenter.microsoft.com/api/alerts
I have also attached the screenshot for the same.
Not an endpoint, but when you have the Tactic or Technique you can use that in a URL to get extra data: https://attack.mitre.org/techniques/T1059/009/
Tools supplied by mitre: https://attack.mitre.org/resources/attack-data-and-tools/