Mapping TTPs and CVEs
afarao opened this issue · 1 comments
Hi! I am new here!
Is there any way to link TTPs and CVEs through the Caldera?
Through the Pathfinder plugin I have received the network topology including the CVES, and then I have created an operation using as adversary the Thief.
Once the operation is done, I use the Debrief plugin to see how the operation is completed and then I can see the used TTPs.
Is there any way to export which CVEs are used/linked to each used TTP?
Thanks in advance!
You can tag abilities with a CVE or any other piece of information as seen here: https://github.com/center-for-threat-informed-defense/caldera_pathfinder/blob/master/data/abilities/initial-access/315f8fcc-c05a-4db0-9f9a-5daade661540.yml#L11-L12.
Hopefully this resolves your issue. If you’re still having any problems, please feel free to re-open or start a new ticket. Thanks!