back caretBlog

How Reveal(x) Network Detection & Response Makes MITRE ATT&CK Easier

As the MITRE ATT&CK Framework grows rapidly more useful and more widely adopted by security operations teams, we are always looking for ways to make it easier to integrate ATT&CK into investigation workflows. Our existing detection cards offer background information about attack behaviors, including links to MITRE ATT&CK TTPs. That means analysts don't have to search in a separate location or resort to Googling to know the implications of a given detection or to find out where on the Framework a particular detection might have relevance.

With Reveal(x) version 8.1 we're taking the MITRE ATT&CK integration to the next level. Users can now view detections on a visual matrix, mapped to the MITRE ATT&CK Framework, as well as search their environment for detections by MITRE ATT&CK code.

Watch this three minute video to see how the new feature works, then dive into our free online demo to try it for yourself!

ExtraHop Reveal(x) Live Activity Map

Stop Breaches 87% Faster

Investigate a live attack in the full product demo of ExtraHop Reveal(x), network detection and response, to see how it accelerates workflows.

Start Demo

Sign Up to Stay Informed