
Revoked entries included in MITRE galaxies #732

@jsman

The MITRE galaxies contain revoked entries. This causes multiple attack patterns to be displayed more than once in the matrix.

As an example, in March 2020:
Registry Run Keys / Startup Folder - T1547.001 became a sub-technique and Registry Run Keys / Startup Folder - T1060 was revoked.

https://attack.mitre.org/resources/updates/updates-march-2020/index.html

Both are contained in the latest MISP galaxy and shown in the MISP matrix.

I believe when bumping the galaxy to the latest released MITRE version, revoked entries should no longer be included.
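
The filtering step the issue asks for, as an added example that is not part of the original report and is not MISP's own generator code. It assumes the galaxy is built from a STIX bundle in which revoked techniques carry the STIX `revoked` property and are linked to their successor by a `revoked-by` relationship; the bundle, its object ids and the helper names are constructed for illustration.

```python
from collections import defaultdict

def _ap(uid, ext_id, name, **extra):
    # Builds a constructed attack-pattern object (ids are placeholders, not real STIX ids).
    return {"type": "attack-pattern", "id": f"attack-pattern--{uid}", "name": name,
            "external_references": [{"source_name": "mitre-attack", "external_id": ext_id}],
            **extra}

# Constructed sample bundle covering the T1060 / T1547.001 case from the issue.
BUNDLE = {"type": "bundle", "objects": [
    _ap("old", "T1060", "Registry Run Keys / Startup Folder", revoked=True),
    _ap("new", "T1547.001", "Registry Run Keys / Startup Folder"),
    _ap("other", "T1059", "Command and Scripting Interpreter", revoked=False),
    {"type": "relationship", "relationship_type": "revoked-by",
     "source_ref": "attack-pattern--old", "target_ref": "attack-pattern--new"},
]}

def attack_id(obj):
    """Return the ATT&CK id (e.g. T1060) from the object's external references."""
    for ref in obj.get("external_references", []):
        if ref.get("source_name") == "mitre-attack":
            return ref.get("external_id")
    return None

def split_revoked(bundle):
    """Partition attack-patterns into (kept, revoked) using the STIX `revoked` flag."""
    kept, revoked = [], []
    for obj in bundle["objects"]:
        if obj.get("type") == "attack-pattern":
            (revoked if obj.get("revoked", False) else kept).append(obj)
    return kept, revoked

def duplicate_names(patterns):
    """Names that would appear more than once in a matrix built from `patterns`."""
    by_name = defaultdict(list)
    for p in patterns:
        by_name[p["name"]].append(attack_id(p))
    return {n: sorted(ids) for n, ids in by_name.items() if len(ids) > 1}

def replacements(bundle):
    """Map each revoked ATT&CK id to its successor via `revoked-by` relationships."""
    by_stix_id = {o["id"]: o for o in bundle["objects"] if "id" in o}
    return {attack_id(by_stix_id[r["source_ref"]]): attack_id(by_stix_id[r["target_ref"]])
            for r in bundle["objects"]
            if r.get("type") == "relationship" and r.get("relationship_type") == "revoked-by"}

if __name__ == "__main__":
    kept, revoked = split_revoked(BUNDLE)
    print("before:", duplicate_names(kept + revoked))
    print("after: ", duplicate_names(kept))
    print("dropped:", replacements(BUNDLE))
```

The `replacements` map is what lets existing events tagged with a revoked id be pointed at the successor technique instead of silently losing their mapping.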
