- play_arrow QRadar Use Case Manager
- play_arrow What's New in QRadar Use Case Manager
- play_arrow Known Issues
- play_arrow Video Demonstrations
- play_arrow Supported Environments for QRadar Use Case Manager
- play_arrow Installation and Configuration Checklist
- Installation and Configuration Checklist
- Installing QRadar Use Case Manager
- Creating an Authorized Service Token
- Configuring the Use Case Explorer in QRadar Use Case Manager
- Assigning User Permissions for QRadar Use Case Manager
- Customizing User Preferences
- Predefined Report Content Templates
- Customizing Report Content Templates
- Custom Rule Attributes
- Creating Custom Rule Attributes
- Exporting and Importing Custom Rule Attributes
- Upgrading QRadar Use Case Manager
- Uninstalling QRadar Use Case Manager
- play_arrow Investigating QRadar Rules and Building Blocks
- Investigating QRadar Rules and Building Blocks
- Filtering Rules and Building Blocks by their Properties
- Identifying Gaps in QRadar Rule Coverage from Content Extensions
- Investigating User Behavior Analytics Rules
- Duplicating Rules for Further Customization
- Exporting Rules
- Deleting Rules
- Rule Report Presentation
- Visualizing Rules and Building Blocks
- Visualizing Log Source Type Coverage per Rule
- play_arrow QRadar Tuning
- play_arrow Accessing Report Data by using QRadar Use Case Manager APIs
Visualizing MITRE Coverage Summary and Trends
The MITRE summary and trend reports provide an overview of the different tactics that are covered by QRadar Use Case Manager. You can analyze the summary data in table, bar, and radar charts. Only the number of enabled mappings to enabled rules are counted in the charts because disabled mappings don't contribute to your security posture.
If you want to filter by MITRE ATT&CK tactics, you must first map your rules to MITRE tactics and techniques. For more information, see Editing MITRE Mappings in a Rule or Building Block.