-
Notifications
You must be signed in to change notification settings - Fork 403
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Quick questions about Json #23
Comments
Hey @SadProcessor - these are both really great points/questions. Regarding how often the JSON data will be generated/updated, the TAXII server is actually syncing on this repo, so this repo will always be up to date with the ATT&CK content updates. About the detection info - right now it's part of the description of the corresponding attack pattern. For example, here's the description for .bash_profile and .bashrc with the detection in bold: "description": " We're discussing whether or not we want to put this into a custom x_mitre_detection property in the attack pattern, so having you bring it up here has been helpful. We will keep you posted on whether or not the current model of having it solely in the description changes. Please let us know if you have any other questions, concerns, or suggestions! |
Awesome. Just was I was hoping to hear... |
Hey ATT&CK,
I have a few quick questions.
I am rebuiding a set of powershell cmdlets to explore the awesome data you got there...
Started looking at STIX and TAXII and that python library...
then I saw you had it all exported in json right here.
Perfect for what I have in mind (and less work).
Anyways, was wondering how often this json data will be generated/updated?
Also, looking at attack-pattern/course-of-action can't seem to find the 'detection' info as avail on wiki.
Was wondering if it would be possible to add this (quite valuable piece of info),
maybe as an x_mitre property in the course-of-action objects.
Thanks anyways for awesome stuff.
The text was updated successfully, but these errors were encountered: