https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/mitre-att-amp-ck-framework/m-p/571812#M2969 <P>Hi Bar,&nbsp;</P> <P>&nbsp;</P> <P>If the alert has the technique ID, mapping can be done automatically, however, in the absence of the technique ID, mapping is not straightforward since alerts normally come in unstandardized. We rely on the tool to provide the technique ID.</P> <P>&nbsp;</P> <P>Thanks,&nbsp;<BR />Rahul</P> Thu, 04 Jan 2024 17:46:11 GMT RahulVijaydev 2024-01-04T17:46:11Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/mitre-att-amp-ck-framework/m-p/570945#M2935 <P>Hi ,&nbsp;<BR />Is there a way to automate the process of mapping every incident to its MITRE Technique ,<BR />or it should be manual for every incident ?&nbsp;</P> Wed, 27 Dec 2023 07:14:41 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/mitre-att-amp-ck-framework/m-p/570945#M2935 Bar_Magnezi 2023-12-27T07:14:41Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/mitre-att-amp-ck-framework/m-p/571812#M2969 <P>Hi Bar,&nbsp;</P> <P>&nbsp;</P> <P>If the alert has the technique ID, mapping can be done automatically, however, in the absence of the technique ID, mapping is not straightforward since alerts normally come in unstandardized. We rely on the tool to provide the technique ID.</P> <P>&nbsp;</P> <P>Thanks,&nbsp;<BR />Rahul</P> Thu, 04 Jan 2024 17:46:11 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/mitre-att-amp-ck-framework/m-p/571812#M2969 RahulVijaydev 2024-01-04T17:46:11Z