Why is Wazuh showing old MITRE ATT&CK technique IDs?


Usman Jut

Oct 11, 2021, 3:41:21 AM
to Wazuh mailing list
Hope everyone is doing well!

I am very keen to know why Wazuh is showing old technique IDs.
For example, as highlighted in the screenshot, T1107 File Deletion has now changed to T1070.004 Indicator Removal on Host: File Deletion, but Wazuh is still showing the older one.
Also, Wazuh is not showing the sub-techniques on this Wazuh MITRE ATT&CK Framework or whenever an alert is generated.
For example: T1070.001, T100.002

If anyone knows about it, kindly let me know.

Thanks a lot for your precious time.
mitre framework.PNG

Jose Cruz Lopez

Oct 11, 2021, 4:06:59 AM
to Wazuh mailing list
Hello,

This is a known issue that will be solved with the release of the 4.3 version, which is the current one in development.
This issue was solved in this PR, in case you want to see it in more detail.

Unfortunately, we do not have an exact date for the release of the 4.3 version, but we will try to release it as soon as possible.

If you have any further questions, please do not hesitate to ask.
Best regards!