The Mitre Mapper Action can be used to relate MITRE ATT&CK techniques to ThreatQ objects in a Threat Library data collection.

The integration provides the following action:

• Mitre Mapper - relates MITRE ATT&CK techniques to the submitted ThreatQ Objects.

The action is compatible with and enriches the following object types:

• Adversaries
• Assets
• Campaigns
• Courses Of Action
• Events
• Exploits
• Files
• Target Identities
• Indicators
• Incidents
• Intrusion Sets
• Malware
• Notes
• Reports
• Signatures
• Tools
• TTPs
• Vulnerabilities

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.