Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

FAQ — Adversary Software Coverage

adversary software coverage mitre att&ck

Frequently Asked Questions

How is Secureworks® Taegis™ XDR Adversary Software Coverage calculated?

MITRE ATT&CK maintains a mapping of the techniques used by malicious software. When software is selected, Secureworks® Taegis™ XDR’s Adversary Software Coverage loads the countermeasure coverage and calculates the total techniques covered divided by the total techniques used by the software.

Where is the list of software populated from?

The Software List used comes directly from the MITRE ATT&CK Software list at https://attack.mitre.org/software/.

What is the difference between the terms coverage, countermeasures and techniques?

Coverage represents the total techniques used by the software covered by one or more Secureworks® Taegis™ XDR countermeasures. Countermeasures, in this context, are behaviors observed by Secureworks® Taegis™ XDR that are captured by a detector, watchlist, and/or ruleset. Techniques are how an adversary achieves a tactical objective by performing a task.

Why are there techniques not used by the specified software?

Techniques not used are represented as Not applicable and grayed out in the Secureworks® Taegis™ XDR’s Adversary Software Coverage display. Coverage is only displayed for the techniques actually used by the software.


On this page: