attack-eval-scoring-by-Endgame

This repo is forked from Josh Zelonis' work around his initial blog post on the MITRE ATT&CK evaluation.

To understand the context of these scripts, please see https://www.endgame.com/blog/technical-blog/heres-how-we-do-numbers

delayed.py

This script counts each occurance of a delayed detection, for all vendor data in /data. There is no weighting for different types of detection with the delayed modifier.

no_context.py

This script counts each occurance of an enrichement or telemetry detection only, no modifiers, for all vendor data in /data.

no_delay.py

This script omits all detection with a delayed modifier, for all vendor data in /data.

real_time.py

This script displays Forresters count of "Real Time Alerts" for all vendor data in /data..

what_matters.py

This script implements weightings according to how Endgame perceives importance. Please see https://www.endgame.com/blog/technical-blog/heres-how-we-do-numbers for more information

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
data		data
.DS_Store		.DS_Store
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
delayed.py		delayed.py
detection_types.txt		detection_types.txt
no_context.py		no_context.py
no_delay.py		no_delay.py
real_time.py		real_time.py
total_misses.py		total_misses.py
what_matters.py		what_matters.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

attack-eval-scoring-by-Endgame

delayed.py

no_context.py

no_delay.py

real_time.py

what_matters.py

About

Uh oh!

Releases

Packages

Languages

License

ThatIanMcShane/attack-eval-scoring-by-Endgame

Folders and files

Latest commit

History

Repository files navigation

attack-eval-scoring-by-Endgame

delayed.py

no_context.py

no_delay.py

real_time.py

what_matters.py

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages