How can we see the rules we developed in the ES Content Updates area? How can we define it on the product so that it can be seen on this screen by categorizing according to Cyber Kill Chain and MITER ATTACK Framework?
Hi @Nurcan
You will have wrap the rules you have developed inside an Analytic Story for it to be displayed in ESCU.
Go to Configure->Content Management-> Create New Content and choose Analytic Story.
The mapping to Cyber Kill Chain and MITER ATTACK Framework will be derived by the annotations you created for the Correlation Search.