The MITRE ATT&CK Module (version 2.7.4) is a collection of AI Engine rules designed to detect unusual or malicious user activity that is occurring within your organization’s network.

The MITRE ATT&CK module contains licensed content and is available only to customers with a valid subscription.

Matrices

AI Engine Rules

Guides

MITRE ATT&CK Deployment Guide MITRE ATT&CK User Guide

Module Revisions

The following table summarizes the changes that have been made for the latest release (v2.7.4) of the MITRE ATT&CK Module.

AIE Rule ID

AIE Rule Name

New

1559

1562.002: Impair Defenses: Disable Windows Event Logging