The MITRE ATT&CK Framework is a great tool security teams can leverage to, among many other things, measure the security posture of an organization against tactics and techniques used in the wild by real threat actors.
At the time of writing, ATT&CK covers 266 Techniques across 12 Tactics. If done manually, tracking this posture's state over time can become a tedious and challenging task. Blue/Purple teams require the proper tools that allow them to efficiently tackle this challenge and focus on whats important.
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage. No more spreadsheets !
To allow the community to experiment with this approach, I created a Jira instance hosting the ATTACK project with attack2jira: https://attack.atlassian.net
attack2jira was designed to be used with Jira Cloud. Specifically, Jira Software.
Tested on Kali Linux 2018.4 and Windows 10 1830 under Python 3.6 and Python 3.7.
Quick Start Guide
$ git clone https://github.com/mvelazc0/attack2jira.git $ pip3 install -r attack2jira/requirements.txt
- You will need a Jira Software Cloud environment.
- You can set up a free trial environment for up to 10 users here.
Print the help menu
$ python3 attack2jira.py -h
Create the Jira ATTACK project and issues
$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u email@example.com -a initialize
Export an ATTACK Navigator JSON layer
$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u firstname.lastname@example.org -a export $ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u email@example.com -a export -hide
This project is licensed under the BSD 3-Clause License - see the LICENSE file for details