From 1b2622ebeeed08f94dfff3352aa770ec484cea69 Mon Sep 17 00:00:00 2001 From: Forrest <61887649+forrestcarver@users.noreply.github.com> Date: Tue, 13 Feb 2024 14:00:35 -0600 Subject: [PATCH] Update whatistid.rst M3TID final v1.0 changes, as of 13 Feb 2024. --- docs/whatistid.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/whatistid.rst b/docs/whatistid.rst index 0d30ed3..78b83fd 100644 --- a/docs/whatistid.rst +++ b/docs/whatistid.rst @@ -18,7 +18,7 @@ There are many types of threat information and many sources from which to learn ATT&CK Framework -David Bianco famously depicted this potential with his “Pyramid of Pain ”, which illustrates how difficult it is for an adversary to evade a defense that is informed by, and effective against, different levels of information about adversary tradecraft. In the Pyramid of Pain, indicators such as IP addresses, hash values, and domain names are shown to be easy for an adversary to alter and thus evade defenses that are dependent on them. However, TTPs are positioned at the top of the pyramid, reflecting the difficulty an adversary would have if a defender was effectively detecting and mitigating at that level. +David Bianco famously depicted this potential with his “Pyramid of Pain” [#f2]_, which illustrates how difficult it is for an adversary to evade a defense that is informed by, and effective against, different levels of information about adversary tradecraft. In the Pyramid of Pain, indicators such as IP addresses, hash values, and domain names are shown to be easy for an adversary to alter and thus evade defenses that are dependent on them. However, TTPs are positioned at the top of the pyramid, reflecting the difficulty an adversary would have if a defender was effectively detecting and mitigating at that level. .. figure:: _static/pyramidofpain.png :alt: Pyramid of Pain
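Review bot: The `[#f2]_` reference added on the `+` line of docs/whatistid.rst has no matching `.. [#f2]` footnote definition anywhere in this patch. The diffstat shows a single insertion and a single deletion, so the definition must already exist elsewhere in the file. Please confirm that it does and that it cites Bianco's Pyramid of Pain, because otherwise the docs build will flag the reference as unresolved and the citation will not render. The removal of the stray space before the closing quote in “Pyramid of Pain ” looks right. The subject line "Update whatistid.rst" would also be easier to trace later if it named the change, for example that it adds the Pyramid of Pain footnote reference.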