MITRE FIGHT galaxy/matrix #986

Closed
cvandeplas opened this issue Jun 11, 2024 · 2 comments

@cvandeplas
Member

https://fight.mitre.org/

FiGHT™ (5G Hierarchy of Threats) is a knowledge base of adversary Tactics and Techniques for 5G systems. FiGHT consists of three types of Techniques: theoretical, proof of concept (PoC), and observed. The theoretical and PoC constitute the bulk of the framework and are based upon academic research and other publicly available documents. Currently, a minority of FiGHT Techniques are based upon real-world observations, documented accordingly. Each FiGHT Technique is labelled as theoretical, PoC, or observed.

FiGHT serves as a foundation to 5G security research and can be operationalized in various ways, such as to conduct threat assessments, enable adversarial emulation, identify coverage gaps, and inform cyber investment planning. As 5G continues to expand and intersects with technologies globally, adversaries will leverage the increased attack surface to exploit and disrupt the use of 5G. MITRE hopes that through the use of FiGHT, 5G stakeholders can work together to ensure a secure and resilient 5G ecosystem.

FiGHT is modeled after the MITRE ATT&CK® framework, and its tactics and techniques are complementary to those in ATT&CK. MITRE invites contributions and feedback from interested communities of telecommunication providers, manufacturers, and cyber security researchers to help continuously improve the FiGHT Framework.

@cvandeplas added the "new galaxy" label (This issue involves the addition of a new galaxy) on Jun 11, 2024
@cvandeplas
Member Author

The FiGHT™ website is generated by custom MITRE software that consumes a YAML file to produce static HTML. The YAML file is being made available to enable users and contributors to automate how they interact with the FiGHT™ threat model.

We plan to eventually release the custom MITRE software to the public, in addition to a STIX-formatted JSON file that is compliant with how ATT&CK is documented in STIX.

View our current YAML file here.

@cvandeplas self-assigned this on Jun 17, 2024
cvandeplas added a commit to cvandeplas/misp-galaxy that referenced this issue Jun 17, 2024
@cvandeplas
Member Author

Duplicate entries, contacted MITRE FiGHT team to ask for guidance:

  2 x Diameter signaling - FGT5012.008, FGT5019.005
  2 x Endpoint Denial of Service - FGT1642, FGT1499
  2 x Network Interfaces - FGT5009.002, FGT1600.502
  4 x Radio interface / Radio Interface - FGT1600.501, FGT1040.501, FGT1557.501, FGT5009.001
