Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for mixed domains in a single ATT&CK Navigator instance #180

Closed
isaisabel opened this issue Jun 23, 2020 · 4 comments
Closed

Add support for mixed domains in a single ATT&CK Navigator instance #180

isaisabel opened this issue Jun 23, 2020 · 4 comments
Assignees
@clemiller
Labels
enhancement New feature or request timescale/imminent Ready to be assigned to developers
Milestone
Version 4.0: Doma...

Comments

@isaisabel
Copy link
Contributor

As a user of the ATT&CK Navigator, I want to be able to open layers of multiple domains in a single instance.

  • Refactor the hardcoded enterprise, mobile and pre-attack domains to make the list of domains definable in the config file.
  • Allow the user to select the domain when opening a new layer
    • Each layer can only have one domain
  • When uploading a layer, determine the domain data to use by the layer domain field
  • Restrict layer-layer operations to layers of the same domain
  • Lazy-load domain data. Load domain data only once a layer is opened with the given domain
  • Refactor the layer domain field to use the ATT&CK convention:
    • mitre-enterprise becomes enterprise-attack
      -mitre-mobile becomes mobile-attack.
  • Updated new-tab UI:
    image
@isaisabel isaisabel added enhancement New feature or request timescale/imminent Ready to be assigned to developers labels Jun 23, 2020
@isaisabel isaisabel mentioned this issue Jun 23, 2020
Closed
@nicolaipre
Copy link

nicolaipre commented Oct 2, 2020
edited
Loading

I am looking for the exact same thing. Ideally, I would like every MITRE Matrix (https://attack.mitre.org/matrices/enterprise/) to be available in a dropdown/sort function, such that if I select a certain template matrix, the non-relevant attack techniques disappear from my view.

For example: If i select Enterprise -> Cloud -> Azure, it would be perfect if the view of MITRE navigator updated to only show the techniques listed for that matrix, like so: https://attack.mitre.org/matrices/enterprise/cloud/azure/

@isaisabel
Copy link
Contributor Author

Hi @nicolaipre,

To some extent this feature already exists -- on the ATT&CK website, those sub-matrices within Enterprise (e.g the Azure matrix) are filtering techniques by platform. The filter feature on the Navigator allows you to replicate this same behavior:

image

What this issue is describing is allowing for mixed domains, e.g Enterprise and Mobile (and eventually ICS) inside of the same instance of the application. Currently each domain has its own instance like so:

@nicolaipre
Copy link

@isaisabel Well, that was exactly what I was looking for. Not sure how I managed to miss out and not find that. But oh well.

Thank you for clarifying!

@clemiller clemiller mentioned this issue Oct 22, 2020
Merged
@isaisabel
Copy link
Contributor Author

Staged on develop for the upcoming release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@clemiller clemiller

Labels
enhancement New feature or request timescale/imminent Ready to be assigned to developers
Projects
None yet
Milestone
Version 4.0: Domain and Versioning Im...
Development

No branches or pull requests
3 participants
@nicolaipre @isaisabel @clemiller