Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Issue/Introduction
Provide steps to view details on MITRE ATT&CK framework TTPs on the Alerts page
Environment
Predictive Security Cloud (PSC): February 18, 2020 Release (0.52.1 backend)
Cloud Endpoint Standard (fka CB Defense)
Cloud Enterprise EDR (fka CB ThreatHunter)
CB ThreatSight
Resolution
Go to the Alerts page
Click into the Search bar
Begin typing MITRE to view the list of related TTPs
Select the desired MITRE TTP and press Enter to search
Example
TTP:MITRE_T1075_PASS_THE_HASH
Expand the items displayed to view the full list of TTPs linked to the selected AlertID
Click on the pill/button with the desired MITRE TTP listed
A new tab opens in the browser with information on the MITRE technique or tactic
Example
https://attack.mitre.org/techniques/T1075/
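For triage outside the console, the same lookup can be scripted over a list of TTP names copied from an alert. This is an added example, not Carbon Black code: the function names and the sample list are hypothetical, the tag shape is assumed from the single example above (MITRE_T1075_PASS_THE_HASH), and only technique tags are handled.

```python
import re

# Tag shape assumed from the page's example (MITRE_T1075_PASS_THE_HASH):
# "MITRE_", a technique ID, "_", then an upper-case name. The optional
# "TTP:" prefix is the form typed into the Alerts search bar.
_MITRE_TAG = re.compile(r"^(?:TTP:)?MITRE_(T\d{4})_([A-Z0-9_]+)$")
_BASE = "https://attack.mitre.org/techniques/"


def parse_mitre_ttp(tag):
    """Return (technique_id, readable_name, url), or None if the tag
    is not a MITRE technique tag in the assumed shape."""
    m = _MITRE_TAG.match(tag.strip())
    if not m:
        return None
    tid, name = m.groups()
    return tid, name.replace("_", " ").title(), f"{_BASE}{tid}/"


def mitre_links(ttps):
    """Map an alert's TTP list to unique ATT&CK technique links,
    keeping first-seen order and skipping non-MITRE or malformed tags."""
    seen = {}
    for tag in ttps:
        parsed = parse_mitre_ttp(tag)
        if parsed and parsed[0] not in seen:
            seen[parsed[0]] = {"name": parsed[1], "url": parsed[2]}
    return seen


# Constructed sample: only MITRE_T1075_PASS_THE_HASH comes from the page;
# the other entries are made-up stand-ins for non-MITRE or malformed tags.
SAMPLE_ALERT_TTPS = [
    "MITRE_T1075_PASS_THE_HASH",
    "EXAMPLE_NON_MITRE_TAG",
    "TTP:MITRE_T1075_PASS_THE_HASH",
    "MITRE_TXXXX_BROKEN",
]

if __name__ == "__main__":
    for tid, info in mitre_links(SAMPLE_ALERT_TTPS).items():
        print(tid, info["name"], info["url"])
```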
Additional Information
Repeat as desired for other MITRE TTPs or use the MITRE site (https://attack.mitre.org) to look for information on other Tactics, Techniques, and Procedures (TTPs)