CB Defense: MITRE TTPs Available In Search, Return No Results

CB Defense: MITRE TTPs Available In Search, Return No Results

search cancel

CB Defense: MITRE TTPs Available In Search, Return No Results

book

Article ID: 287875

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

A number of MITRE TTPs show in Search suggestions on Investigate page
Searching for any of those TTPs returns no results

Environment

CB Defense Web Console: July '19 Release (0.48.x)

Cause

Development work is underway to add new TTPs aligned with MITRE ATT&CK in a future CB Defense update
TTPs in question were exposed in Search suggestions prematurely as part of July '19 Release (0.48.x)
TTPs in question aren't yet used by CB Defense Analytics to tag Events or Alerts; Hence, the empty search results

Resolution

Disregard the TTPs in question until those are released officially as part of a future PSC backend update.

Additional Information

Carbon Black is evaluating options for hiding the TTPs in question in the meantime, possibly via a UI update, to avoid confusion.

Feedback

thumb_up Yes

thumb_down No