Mirrors/marcredhat-siem-toolkit-patched
1
0
Fork 0
mirror of https://github.com/marcredhat/SIEM-toolkit-patched synced 2026-06-08 12:33:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c4298ca2a9185b2f6f1034411d0959312432518
marcredhat-siem-toolkit-pat…/backend
T
History
marc 8c4298ca2a Health Score: cap MITRE Coverage at 100% by canonicalising tactics 
STAR rules sometimes label tactics with non-canonical names
(observed: "Stealth", "Defense Impairment") which were counted as
distinct tactics on top of the 14 canonical ATT&CK Enterprise ones,
producing percentages > 100% (e.g. 15/14 = 107.1% on a busy tenant).

Fix in get_health_score():
  - Restrict covered_tactics to the 14 canonical ATT&CK Enterprise tactics.
  - Map known STAR aliases ("Stealth", "Defense Impairment") -> "Defense Evasion".
  - Derive TOTAL_TACTICS from the canonical set (single source of truth).

Result: tactics_covered = 14, mitre_pct = 100.0 (was 15 / 107.1).
2026-05-22 21:36:42 +02:00
..
routers
Health Score: cap MITRE Coverage at 100% by canonicalising tactics
2026-05-22 21:36:42 +02:00
services
Cherry-pick improvements from PR #2 (marcredhat)
2026-05-22 10:11:42 -04:00
db.py
Add health score, coverage trends, dependency map, PowerQuery playground, onboarding tracker
2026-05-22 11:09:43 -04:00
Dockerfile
Initial commit: SIEM Toolkit for SentinelOne
2026-05-19 11:39:26 -04:00
main.py
Add health score, coverage trends, dependency map, PowerQuery playground, onboarding tracker
2026-05-22 11:09:43 -04:00
requirements.txt
Initial commit: SIEM Toolkit for SentinelOne
2026-05-19 11:39:26 -04:00