D3fend Mitigation JSON Schema Error
Closed this issue · 3 comments
0xm00n commented
When setting up BRON through docker, I repeatedly get this JSON schema error. This does not seem to be a local environment issue.
'D3A-AAD' does not match 'D3-[A-Z]+'
Failed validating 'pattern' in schema['properties']['original_id']:
{'description': 'ID from MITRE D3FEND. E.g. '
"'ActiveCertificateAnalysis'. TODO pattern",
'pattern': 'D3-[A-Z]+',
'type': 'string'}
On instance['original_id']:
'D3A-AAD'
Traceback (most recent call last):
File "tutorials/build_bron.py", line 268, in <module>
main(
File "tutorials/build_bron.py", line 249, in main
_mitigations(username, password, ip, not no_validation)
File "tutorials/build_bron.py", line 175, in _mitigations
d3fend.update_BRON_graph_db(username, password, ip, validation)
File "/usr/local/bron/mitigations/d3fend_mitigations.py", line 113, in update_BRON_graph_db
validate_entry(entry, schema)
File "/usr/local/bron/graph_db/bron_arango.py", line 322, in validate_entry
raise jsonschema.exceptions.ValidationError(err)
jsonschema.exceptions.ValidationError: <exception str() failed>
hembergerik commented
Thank you bringing it to our attention. Looks like there have been changes to the possible D3fend id patterns.
A quick fix could be to change the jsonschema pattern to allow for D3
and D3A
e.g. D3?-[A-Z]+
on
We will get a fix out for this.
0xm00n commented
Hi, I tested out building BRON locally on Ubuntu and the correct jsonschema pattern is D3[A-Z]?-[A-Z]+
which allows BRON to fully build.
hembergerik commented
Thanks! I patched the schema.