This is a summary of the feature requests I received (in random order):
The ability to import ATT&CK™ data sets using the tool itself.
Add custom techniques not listed in ATT&CK™ (insider threat and fraud focused).
Incorporate more red-team playbooks, similar to atomic-red-team™.
Start a plan by importing ATT&CK™ navigator exports.
Ability to define targets and assign a "testing guideline" to each, allowing users to input components of their systems in terms of access/process/technology (what is being defended).
Integrate the tool with CALDERA™ to generate tests.
Allow users to enter known vulnerability data for systems (like Kenna or NVD).
Add technique scoring cost/difficulty/discoverability for attack tree modeling (technique based attack probability and simulation).
Thank you all for your feedback. If you would like to add a new feature or give feedback about a requested feature, please add it here or email me directly at [email protected]
Just the one feature request from what I've seen so far:
Ability to include software used by APTs, e.g. APT30 uses S0028 (SHIPSHAPE), which maps to T1060, T1091, T1023. Implementation of this could be that importing S0028 would add S0028 as a node and expand the three Techniques as child nodes, with the "Use" information populated in the Description field.
Also, is there a way to update the sqlite db with the latest data from the MITRE ATT&CK site?
Regarding the first request, it used to exist but was removed and replaced with filtering the techniques related to a certain adversary or software for selection while creating/editing the testing guideline. The decision was based on feedback that not all TTPs would fit into one testing guideline, which makes sense if you look at the APT3 plan: testing guidelines are matched with fewer TTPs, and the full plan doesn't cover all TTPs reported.
Regarding the database update, I just updated the content with the latest ATT&CK and ATOMIC contents.