TEMPORARILY switching the ref for splunk/security_content to run the smoketest_escu job against the prepped branch with changes.
to check out missing repos when --enrichments argument is passed to contentctl build
in mitre attack nav output Co-authored-by: Copilot <copilot@github.com>
Made a small update to the guidance that is printed out when --enrichments is used here: Also, I think we likely need to bump this version to "19" here: Having generated the coverage.json and opening it at https://mitre-attack.github.io/attack-navigator/, it looks correct. See the screenshot below, with inclusion of "Stealth" and "Defense Impairment" columns:
pyth0n1c left a comment
I have made some other small tweaks to this as noted in the comments, but these changes look good to me.
I have also tested them against the modified content branch in security_content and they all look good as well!
I believe we are good to merge and should cut a new release.


Also migrates to STIX2.1 version of ATT&CK.
Corresponding splunk/security_content PR here: splunk/security_content#4036
The linked PR has the 176 updated detections with their new v19 mappings.