Aligning Defender ATP Alerts to MITRE ATT&CK - Video Demonstration

Many organizations are aligning to MITRE’s ATT&CK for Enterprise and some enterprises would like to, but just don’t know where to start. In this video, we will demonstrate how organizations can prioritize efforts based on alert information they are already receiving, using Microsoft Defender ATP, Logic Apps, and Log Analytics.



To learn more about how Microsoft Defender ATP Telemetry helps an analyst visualize MITRE ATT&CK and Technique information, read through Dan's 3-part series:


Microsoft Defender ATP Telemetry: Viewing MITRE ATT&CK Context (Part 1)


Microsoft Defender ATP Telemetry: Azure Log Analytics Workspace (Part 2)


Microsoft Defender ATP Telemetry: Workbook Visualizations (Part 3)


  • Copyright Optiv Security Inc. 2020. All rights reserved.

  • No license, express or implied, to any intellectual property or other content is granted or intended hereby.

  • This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information.

  • Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards.

  • Complaints / questions should be directed to

Dan Kiraly
Senior Research Analyst
Dan Kiraly is senior research analyst on Optiv’s partner research and strategy team. In this role he responsible for use case development and the vetting of security products for Optiv.