MISP/misp-taxonomies

Add MITRE ATT&CK Adversarial Tactics, Techniques & Common Knowledge

Closed this issue · 6 comments

Indeed, that's foreseen. Here is the plan:

  • The adversary list is updated in the adversary groups, galaxies and threat actor tools, galaxies - we try to keep it up to date. Verification and cross-checking are more than welcome.
  • The techniques would need to be added in a taxonomy. MITRE answered us that they plan to release a machine-readable version of the wiki. But we might start the taxonomy by copy-pasting the wiki.
  • In the attacker techniques taxonomy, we plan to reference the adversary-groups and tools too. Format is under discussion.

Ok, I will start with the techniques taxonomy then.

This is moving into a galaxy.

@Delta-Sierra is working on a new version.

Just in case you haven't seen it, the MITRE ATT&CK Techniques for Mobile, Pre-Attack, and Enterprise are out as JSON files at https://github.com/mitre/cti

We currently use the files to create an RDF representation of the concepts for our DarkLight product and they are nicely structured.

These are available in the MISP galaxies and available by default in MISP.