Updates MITRE docs to currently used version v18.1#4395
Merged
nastasha-solomon merged 8 commits intomainfrom Jan 13, 2026
Merged
Updates MITRE docs to currently used version v18.1#4395nastasha-solomon merged 8 commits intomainfrom
v18.1#4395nastasha-solomon merged 8 commits intomainfrom
Conversation
6 tasks
Contributor
✅ Vale Linting ResultsNo issues found on modified lines! The Vale linter checks documentation changes against the Elastic Docs style guide. To use Vale locally or report issues, refer to Elastic style guide for Vale. |
Contributor
🔍 Preview links for changed docs |
nastasha-solomon
approved these changes
Dec 17, 2025
Member
nastasha-solomon
left a comment
There was a problem hiding this comment.
Thank you! Just left a minor edit.
solutions/security/detect-and-alert/mitre-attandckr-coverage.md
Outdated
Show resolved
Hide resolved
nastasha-solomon
approved these changes
Dec 17, 2025
Member
nastasha-solomon
left a comment
There was a problem hiding this comment.
Thank you! Just left a minor edit.
Member
|
@dplumlee please hold off on merging this PR until Jan 13, 2026. |
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
dplumlee
added a commit
to elastic/kibana
that referenced
this pull request
Dec 19, 2025
## Summary Addresses: #166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in #231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Dec 19, 2025
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page (cherry picked from commit 6b6a30e)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Dec 19, 2025
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page (cherry picked from commit 6b6a30e)
baileycash-elastic
pushed a commit
to baileycash-elastic/kibana
that referenced
this pull request
Dec 19, 2025
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page
dplumlee
added a commit
to dplumlee/kibana
that referenced
this pull request
Dec 22, 2025
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page (cherry picked from commit 6b6a30e) # Conflicts: # x-pack/platform/plugins/private/translations/translations/de-DE.json
dplumlee
added a commit
to dplumlee/kibana
that referenced
this pull request
Dec 22, 2025
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page (cherry picked from commit 6b6a30e) # Conflicts: # x-pack/platform/plugins/private/translations/translations/de-DE.json # x-pack/platform/plugins/private/translations/translations/fr-FR.json # x-pack/platform/plugins/private/translations/translations/zh-CN.json
CAWilson94
pushed a commit
to CAWilson94/kibana
that referenced
this pull request
Jan 6, 2026
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page
dej611
pushed a commit
to dej611/kibana
that referenced
this pull request
Jan 8, 2026
) ## Summary Addresses: elastic#166152 for `9.3.0` Updates MITRE ATT&CK mappings to [`v18.1`](https://attack.mitre.org/resources/updates/updates-october-2025/). Last update was to `v17.1` in elastic#231375. To update, I modified https://github.com/elastic/kibana/blob/8da457eaa399310954edf4c98cfc0fb540ae48ad/x-pack/solutions/security/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v18.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ## Acceptance Criteria - [x] User can map and use new MITRE techniques in Security Solution - [ ] The user-facing documentation is updated with the new version - [ ] [MITRE ATT&CK® coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html) page - [ ] elastic/docs-content#4395 ## Test Criteria - [x] Verify that new techniques (see the changelog link above) are available for mapping on the Rule Creation page under "Advanced settings" - [x] Verify that new techniques are available on the MITRE ATT&CK coverage page
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note
Will be merged on Jan 13, 2026
Summary
Updates MITRE docs to display most recent versions in docs for the
v18.1updateRelated
v18.1kibana#246770Generative AI disclosure