sensor-mappings-to-attack icon indicating copy to clipboard operation
sensor-mappings-to-attack copied to clipboard

Published 20 hours ago verified publisher icon center-for-threat-informed-defense

[New Value] Provider Name for WinEvtx Mappings

Open jcwilliamsATmitre opened this issue 1 year ago • 1 comments

Idea from @nasbench 🥂

Providers can be added to https://github.com/center-for-threat-informed-defense/sensor-mappings-to-attack/blob/main/mappings/input/enterprise/csv/WinEvtx-sensors-mappings-enterprise.csv since the EIDs may not be otherwise unique

e.g., https://github.com/SigmaHQ/sigma-specification/blob/main/Taxonomy_specification.md#windows-folder

jcwilliamsATmitre avatar Dec 14 '23 19:12 jcwilliamsATmitre

addressed in https://github.com/center-for-threat-informed-defense/sensor-mappings-to-attack/pull/17

jcwilliamsATmitre avatar Dec 18 '23 22:12 jcwilliamsATmitre