
Search Method: Observed Attack Techniques

The Search app provides a more flexible and granular way to retrieve Observed Attack Techniques (OAT) data.

  • More than 200 searchable keys are available
  • Filter and group data freely
  • Customize view settings
  • Export raw data

XDR Threat Investigation > Search > Search Method > Observed Attack Techniques

View Detection Filter

Lists SAE detection filter details, including:

  • Risk level
  • Highlighted object
  • Filter name and description
  • Corresponding MITRE tactic and technique

  • Activate (click) a filter to automatically focus on the relevant highlighted objects

  • Hover over another filter to mark its relevant highlighted objects in a different color

Pivot to the Search app from the Observed Attack Techniques app

XDR Threat Investigation > Observed Attack Techniques > Query in Search app

Note that the following scenarios are not supported by “Query in Search app”:

  • “TacticID” is not included when pivoting to the Search app

  • “Hide Filters” is not included when pivoting to the Search app

For support assistance, please contact Trend Micro Technical Support.