mitre_map_alert_to_technique
Map security alerts to MITRE ATT&CK techniques with confidence scores. Supply the alert type (required), plus any associated indicators and the target platform (both optional), to narrow the candidate techniques and sharpen the confidence scores.
Instructions
Map a security alert or observable to the ATT&CK techniques it most likely corresponds to, returning each candidate with a confidence score.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| platform | No | Target platform (e.g., Windows, Linux) | |
| alertType | Yes | Description of the alert (e.g., "PowerShell encoded command execution") | |
| indicators | No | Associated indicators (IPs, domains, file hashes, process names) | |
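The following is an added example, not the tool's own implementation, that shows how a request shaped like the schema above can be validated and turned into scored ATT&CK candidates. The technique IDs and names (T1059.001, T1027, T1059.004, T1053.005) are real ATT&CK entries; the keyword lists, the weights, and the platform bonus/penalty are assumptions made for this illustration and say nothing about how the tool itself scores alerts.

```python
"""
Illustrative alert -> ATT&CK mapper built around the tool's input schema.
Technique IDs and names are real ATT&CK entries; the keyword lists, weights
and platform handling are constructed assumptions for this example only and
are NOT the tool's actual logic.
"""
from __future__ import annotations

from typing import Any

# Constructed lookup table (assumption): technique -> supported platforms + trigger keywords.
TECHNIQUES: list[dict[str, Any]] = [
    {"id": "T1059.001", "name": "Command and Scripting Interpreter: PowerShell",
     "platforms": {"Windows"}, "keywords": ["powershell", "encodedcommand", "-enc"]},
    {"id": "T1027", "name": "Obfuscated Files or Information",
     "platforms": {"Windows", "Linux", "macOS"}, "keywords": ["encoded", "obfuscat", "base64"]},
    {"id": "T1059.004", "name": "Command and Scripting Interpreter: Unix Shell",
     "platforms": {"Linux", "macOS"}, "keywords": ["bash", "/bin/sh", "curl | sh"]},
    {"id": "T1053.005", "name": "Scheduled Task/Job: Scheduled Task",
     "platforms": {"Windows"}, "keywords": ["schtasks", "scheduled task"]},
]

ALERT_WEIGHT = 0.3       # keyword seen in the alert description
INDICATOR_WEIGHT = 0.2   # keyword seen in an associated indicator
BASE_CAP = 0.8           # keyword evidence alone never exceeds this
PLATFORM_BONUS = 0.1     # platform supplied and supported by the technique
PLATFORM_PENALTY = 0.25  # platform supplied but not supported: scale the score down


def validate_input(payload: dict[str, Any]) -> list[str]:
    """Check a request against the schema: alertType required, the rest optional."""
    errors = []
    alert = payload.get("alertType")
    if not isinstance(alert, str) or not alert.strip():
        errors.append("alertType is required and must be a non-empty string")
    indicators = payload.get("indicators", [])
    if not isinstance(indicators, list) or not all(isinstance(i, str) for i in indicators):
        errors.append("indicators must be a list of strings")
    platform = payload.get("platform")
    if platform is not None and not isinstance(platform, str):
        errors.append("platform must be a string when supplied")
    return errors


def map_alert(payload: dict[str, Any]) -> list[dict[str, Any]]:
    """Return candidate techniques with a confidence in [0, 1], highest first."""
    errors = validate_input(payload)
    if errors:
        raise ValueError("; ".join(errors))

    alert = payload["alertType"].lower()
    indicators = [i.lower() for i in payload.get("indicators", [])]
    platform = payload.get("platform")

    results = []
    for tech in TECHNIQUES:
        score = 0.0
        for kw in tech["keywords"]:
            if kw in alert:
                score += ALERT_WEIGHT
            if any(kw in ind for ind in indicators):
                score += INDICATOR_WEIGHT
        if score == 0.0:
            continue  # no evidence at all: emit nothing rather than a guess
        score = min(BASE_CAP, score)
        if platform is not None:
            if platform in tech["platforms"]:
                score += PLATFORM_BONUS
            else:
                score *= PLATFORM_PENALTY  # keep it visible, but clearly doubtful
        results.append({"technique": tech["id"], "name": tech["name"],
                        "confidence": round(score, 2)})

    return sorted(results, key=lambda r: r["confidence"], reverse=True)


if __name__ == "__main__":
    # Constructed sample request matching the input schema.
    sample = {
        "alertType": "PowerShell encoded command execution",
        "indicators": ["powershell.exe", "-EncodedCommand"],
        "platform": "Windows",
    }
    for hit in map_alert(sample):
        print(f'{hit["technique"]:<10} {hit["confidence"]:.2f}  {hit["name"]}')
```

The platform handling is the caveat worth keeping in mind when calling the real tool: the same PowerShell alert text submitted with `platform` set to Linux drops T1059.001 to a low score and leaves the platform-agnostic T1027 as the top candidate, so an incorrect platform value can steer the mapping as much as the alert text does.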