The MITRE ATT&CK heatmap within the QRadar Use Case Manager app visualizes how well your security defenses align with the MITRE ATT&CK framework. The colors on the heatmap are determined by the following:
- Level of Mapping Confidence: The confidence level with which QRadar has associated offenses to specific MITRE ATT&CK techniques. The colors indicate:
  - Green: High confidence in the mapping
  - Yellow: Medium confidence in the mapping
  - Red: Low confidence in the mapping
- Number of Offenses Generated: The frequency of offenses observed that map to a particular MITRE ATT&CK technique. A higher number of offenses will result in a deeper shade within the color gradient (i.e., dark red vs. light red).