Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PhoneBoy
Admin
Admin

MITRE ATT&CK Extension TechTalk: Video, Slides, and Q&A

Video of the session available to CheckMates members.
PPT slides also available to CheckMates members.

Q&A below

What version of Security Management is required for this?

SmartConsole Extensions are supported from R80.30 and are not dependent on gateway version.
Note this extension requires SmartEvent (can be on a separate system from Security Management)

How do I install this extension?

The extension URL is: https://secureupdates.checkpoint.com/appi/mitre/mitre_network/extension.json
You install the extension from the following location in SmartConsole.
It must be installed on each SmartConsole client.

Screen Shot 2021-05-12 at 8.45.26 AM.pngScreen Shot 2021-05-12 at 8.45.51 AM.png

Is it integrated in the Infinity SOC

Some of this information is already in Infinity SOC. 

How does it work for Harmony solution?

This extension is focused on the IPS/Anti-Bot blades on a Quantum Security Gateway.  Harmony Endpoint versions provide some of this information already, as demonstrated by our excellent results in the recent MITRE Enterprise 2020 evaluation.

We are planning to integrate this across the services available in Infinity Portal.

If we have issues with the extension, do we reach out to TAC?

Currently, we are providing this on a community preview basis. If you have issues, please ask on CheckMates and we'll do our best to assist. This will be formally released as part of R81.10 and will have formal documentation in SecureKnowledge.

I just ran the extension on a R80.40 environment, however I'm unable to download the final report. Is this feature R81.10 exclusive or will it be brought to R80.40 as well?

The final report requires functionality only present in R81.10. Once R81.10 is GA, we plan to make the relevant functionality available in earlier releases as part of the regular Jumbo Hotfix.

0 Replies