Fix MITRE ATT&CK mappings per CodeRabbit review

- Replace generic T1190/T1059/T1078 with context-specific techniques
- Persistence: T1547, T1053, T1543, T1574
- Credentials: T1003, T1558, T1550
- Phishing: T1566, T1204, T1534
- Ransomware: T1486, T1490, T1489
- Cloud: T1078, T1537, T1580, T1098
- Remove mappings from out-of-scope subdomains (ot-ics, malware-analysis, digital-forensics)
This commit is contained in:
MAGI
2026-03-17 17:12:05 -06:00
committed by Julio César Suástegui
parent 5e62a7ea2c
commit 42258456e8
32 changed files with 31 additions and 36 deletions
+2 -2
View File
@@ -8,7 +8,7 @@ description: >
false positives through rule tuning and logging analysis.
domain: cybersecurity
subdomain: cloud-security
tags: [cloud-waf, aws-waf, azure-waf, cloudflare-waf, owasp-protection, rate-limiting]
tags: [cloud-waf, aws-waf, owasp-protection, rate-limiting, geo-blocking]
version: 1.0.0
author: mahipal
license: Apache-2.0
@@ -265,7 +265,7 @@ After 7-14 days of Count mode with acceptable false positive rates, switch manag
## Output Format
```text
```
Cloud WAF Configuration Report
================================
Web ACL: production-waf