What Changed
A P0-labeled correction that renames the MITRE ATT&CK technique field from the deprecated requiredTechniques to the standardised relevantTechniques across BitSight, Dynatrace, and Microsoft Defender for Endpoint analytic rules.
Security Impact (Visibility & Fidelity)
Analytic rules using the deprecated requiredTechniques field were at risk of schema validation failures and potential deployment issues. This correction ensures:
- Proper MITRE ATT&CK technique mapping in Microsoft Sentinel
- Consistent schema compliance across all detection templates
- Continued functionality of existing deployed rules
Affected rules monitor compromise detection, vulnerability identification, and process-based threats across BitSight security ratings, Dynatrace application security, and endpoint telemetry.
Affected Files
- Solutions/BitSight/Analytic Rules/ (4 rules updated)
- Solutions/Dynatrace/Analytic Rules/ (4 rules updated)
- Solutions/MicrosoftDefenderForEndpoint/Hunting Queries/ (1 query updated)
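
A pre-merge check for the rename described above, as an added example (not code from this change or from the repository). It assumes the templates are YAML files in which the technique field is a top-level key; the function names and the sample template are constructed for illustration.

```python
import re

DEPRECATED = "requiredTechniques"   # field name the page calls deprecated
CURRENT = "relevantTechniques"      # field name the page calls standardised

# Match keys only at column 0 (assumption: the field is a top-level key), so
# indented text inside a `query: |` block and commented-out lines are ignored.
_TOP_LEVEL = re.compile(r"^(?P<key>[A-Za-z_]\w*)\s*:", re.MULTILINE)


def top_level_keys(text):
    """Return {key: [1-based line numbers]} for top-level mapping keys."""
    found = {}
    for m in _TOP_LEVEL.finditer(text):
        line_no = text.count("\n", 0, m.start()) + 1
        found.setdefault(m.group("key"), []).append(line_no)
    return found


def check(text):
    """Return a list of findings for one template; empty list means clean."""
    keys = top_level_keys(text)
    findings = []
    for line_no in keys.get(DEPRECATED, []):
        findings.append(f"line {line_no}: deprecated key {DEPRECATED}")
    if DEPRECATED in keys and CURRENT in keys:
        findings.append("both keys present: merge by hand")
    return findings


def migrate(text):
    """Rename the deprecated top-level key; refuse if both keys exist."""
    keys = top_level_keys(text)
    if DEPRECATED in keys and CURRENT in keys:
        raise ValueError("both keys present; refusing to rewrite")
    return re.sub(rf"^{DEPRECATED}(\s*:)", rf"{CURRENT}\1", text, flags=re.MULTILINE)


# Constructed sample template (not a file from the repository).
SAMPLE = """\
name: Example constructed rule
requiredTechniques:
  - T1059
query: |
  // requiredTechniques: mentioned inside the query, must not change
  Table | where Field == "requiredTechniques: x"
# requiredTechniques: commented out
"""
```

Running `check` over each file in the affected directories and failing the build on a non-empty result keeps the deprecated key from being reintroduced.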