CAR-2015-07-001 Missing Coverage and Technique
th3y3ti opened this issue · comments
th3y3ti commented
CAR-2015-07-001 is missing the coverage section and the associated Tactics/Techniques. Not a big deal, I can code around the "key error" from my YAML parser but figured others would have similar issues.
Ivan Kirillov commented
Hi @th3y3ti - the omission of coverage for CAR-2015-07-001 is intentional, because unlike other analytics it is oriented towards providing generic situational awareness around user login activity, and therefore there aren't any corresponding ATT&CK techniques that it covers. If you have any other ideas on this please let us know.
th3y3ti commented
Thanks... ya, I was looking at 2019-07-001 on accident and it had a
technique. I realized after submitting. :)
I will say I also encountered some charmap issue with 3 or 4 of the yaml
files. I can send you the names/numbers if you are interested. I just
converted them to utf 8 before opening so no biggie.
…On Thu, Aug 1, 2019, 11:25 AM Ivan Kirillov ***@***.***> wrote:
Hi @th3y3ti <https://github.com/th3y3ti> - the omission of coverage for
CAR-2015-07-001 is intentional, because unlike other analytics it is
oriented towards providing generic situational awareness around user login
activity, and therefore there aren't any corresponding ATT&CK techniques
that it covers. If you have any other ideas on this please let us know.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#31?email_source=notifications&email_token=AH6JQGZEGSQAFUXWIJSG3RLQCMFBPA5CNFSM4IIRMP62YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD3LEXZI#issuecomment-517360613>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AH6JQG6C6LGSNIFSGNM7UNDQCMFBPANCNFSM4IIRMP6Q>
.
Ivan Kirillov commented
Ah, no worries :) Sure, if you could share the charmap issues you found, that would be appreciated.