From 3a1f5f4cea70010c8b4769c8745f601becc4d65f Mon Sep 17 00:00:00 2001 From: Ruben Bouman Date: Mon, 29 Jun 2020 16:53:45 +0200 Subject: [PATCH] Added support for the new Navgiator v3.0 format. --- data_source_mapping.py | 1 + generic.py | 20 ++++++++------------ group_mapping.py | 1 + technique_mapping.py | 3 +++ 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/data_source_mapping.py b/data_source_mapping.py index 29ed64f..8663b63 100644 --- a/data_source_mapping.py +++ b/data_source_mapping.py @@ -283,6 +283,7 @@ def _map_and_colorize_techniques(my_ds, platforms, exceptions): applicable_data_sources))}, {'name': '-Products', 'value': ', '.join(v['products'])}] d['metadata'] = make_layer_metadata_compliant(d['metadata']) + d['showSubtechniques'] = True output_techniques.append(d) diff --git a/generic.py b/generic.py index a06e139..a5f9c4a 100644 --- a/generic.py +++ b/generic.py @@ -211,7 +211,7 @@ def _get_base_template(name, description, stage, platform, sorting): """ layer = dict() layer['name'] = name - layer['version'] = '2.2' + layer['version'] = '3.0' layer['domain'] = 'mitre-enterprise' layer['description'] = description @@ -224,8 +224,9 @@ def _get_base_template(name, description, stage, platform, sorting): layer['filters'] = {'stages': ['prepare'], 'platforms': platform} layer['sorting'] = sorting - layer['viewMode'] = 0 + layer['layout'] = {"layout": "flat", "showName": True, "showID": False} layer['hideDisable'] = False + layer['selectSubtechniquesWithParent'] = False layer['techniques'] = [] layer['showTacticRowBackground'] = False 
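Review bot: `d['showSubtechniques'] = True` is an unexplained literal here, and the same assignment is repeated in `_get_technique_layer` (group_mapping.py) and in the three `_map_and_colorize_techniques_for_*` functions in technique_mapping.py. It is set on every technique object, whether or not that ID has sub-techniques, so the reason for it is not readable from the code. If the intent is that sub-technique scores in a coverage layer are never hidden under a collapsed parent, say so in a comment such as `# expand sub-techniques so their scores stay visible in the Navigator`. Consider one named constant in generic.py instead of five literals, so the behaviour can be changed in one place. The enclosing function starts and ends outside the hunk.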
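Review bot: In the `@@ -224` hunk of generic.py the unchanged line `layer['hideDisable'] = False` sits between the two new v3.0 keys, and as far as I know the Navigator layer format names this field `hideDisabled`. If so, the key written here is presumably ignored and the Navigator uses its default. Confirm against the layer spec while this template is being ported, and change it to `layer['hideDisabled'] = False` if it is a typo. As a style point, the new `layout` dict uses double quotes while the rest of the function uses single quotes; `{'layout': 'flat', 'showName': True, 'showID': False}` would match. `_get_base_template` starts and ends outside the hunk.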
@@ -237,8 +238,7 @@ def _get_base_template(name, description, stage, platform, sorting): def get_layer_template_groups(name, max_count, description, stage, platform, overlay_type): """ Prepares a base template for the json layer file that can be loaded into the MITRE ATT&CK Navigator. - More information on the version 2.2 layer format: - https://github.com/mitre/attack-navigator/blob/master/layers/LAYERFORMATv2_1.md + More information on the layer format can be found here: https://github.com/mitre/attack-navigator/blob/master/layers/ :param name: name :param max_count: the sum of all count values :param description: description @@ -287,8 +287,7 @@ def get_layer_template_groups(name, max_count, description, stage, platform, ove def get_layer_template_detections(name, description, stage, platform): """ Prepares a base template for the json layer file that can be loaded into the MITRE ATT&CK Navigator. - More information on the version 2.2 layer format: - https://github.com/mitre/attack-navigator/blob/master/layers/LAYERFORMATv2_1.md + More information on the layer format can be found here: https://github.com/mitre/attack-navigator/blob/master/layers/ :param name: name :param description: description :param stage: stage (act | prepare) @@ -311,8 +310,7 @@ def get_layer_template_detections(name, description, stage, platform): def get_layer_template_data_sources(name, description, stage, platform): """ Prepares a base template for the json layer file that can be loaded into the MITRE ATT&CK Navigator. - More information on the version 2.2 layer format: - https://github.com/mitre/attack-navigator/blob/master/layers/LAYERFORMATv2_1.md + More information on the layer format can be found here: https://github.com/mitre/attack-navigator/blob/master/layers/ :param name: name :param description: description :param stage: stage (act | prepare) 
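Review bot: The new docstring line in `get_layer_template_groups` links to the `layers/` directory on `master` and no longer says which layer version these templates emit, while `_get_base_template` now hard-codes `'3.0'`. A reader following the link later will find whatever spec versions exist at that time and cannot tell which one this code targets. I would keep the version in the sentence, e.g. `More information on the version 3.0 layer format can be found here: ...`. The same line is repeated in `get_layer_template_detections`, `get_layer_template_data_sources`, `get_layer_template_visibility` and `get_layer_template_layered`. Stating it once on `_get_base_template` and referring to it from the others would remove the five-way duplication.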
@@ -334,8 +332,7 @@ def get_layer_template_data_sources(name, description, stage, platform): def get_layer_template_visibility(name, description, stage, platform): """ Prepares a base template for the json layer file that can be loaded into the MITRE ATT&CK Navigator. - More information on the version 2.2 layer format: - https://github.com/mitre/attack-navigator/blob/master/layers/LAYERFORMATv2_1.md + More information on the layer format can be found here: https://github.com/mitre/attack-navigator/blob/master/layers/ :param name: name :param description: description :param stage: stage (act | prepare) @@ -356,8 +353,7 @@ def get_layer_template_visibility(name, description, stage, platform): def get_layer_template_layered(name, description, stage, platform): """ Prepares a base template for the json layer file that can be loaded into the MITRE ATT&CK Navigator. - More information on the version 2.2 layer format: - https://github.com/mitre/attack-navigator/blob/master/layers/LAYERFORMATv2_1.md + More information on the layer format can be found here: https://github.com/mitre/attack-navigator/blob/master/layers/ :param name: name :param description: description :param stage: stage (act | prepare) diff --git a/group_mapping.py b/group_mapping.py index 797fa06..790acf2 100644 --- a/group_mapping.py +++ b/group_mapping.py @@ -370,6 +370,7 @@ def _get_technique_layer(techniques_count, groups, overlay, groups_software, ove t = dict() t['techniqueID'] = tech t['score'] = v['count'] + t['showSubtechniques'] = True t['metadata'] = [] metadata_dict = dict() diff --git a/technique_mapping.py b/technique_mapping.py index e4d803d..fb0fe44 100644 --- a/technique_mapping.py +++ b/technique_mapping.py 
@@ -177,6 +177,7 @@ def _map_and_colorize_techniques_for_detections(my_techniques): x['tactic'] = tactic.lower().replace(' ', '-') x['metadata'] = [] x['score'] = s + x['showSubtechniques'] = True cnt = 1 tcnt = len([d for d in technique_data['detection'] if get_latest_score(d) >= 0]) for detection in technique_data['detection']: @@ -242,6 +243,7 @@ def _map_and_colorize_techniques_for_visibility(my_techniques, my_data_sources, applicable_data_sources))}) x['metadata'].append({'name': '---', 'value': '---'}) x['score'] = s + x['showSubtechniques'] = True cnt = 1 tcnt = len(technique_data['visibility']) @@ -328,6 +330,7 @@ def _map_and_colorize_techniques_for_overlaid(my_techniques, my_data_sources, pl x['metadata'].append({'name': '-Available data sources', 'value': my_ds}) x['metadata'].append({'name': '-ATT&CK data sources', 'value': ', '.join(get_applicable_data_sources_technique(technique['x_mitre_data_sources'], applicable_data_sources))}) + x['showSubtechniques'] = True # Metadata for detection and visibility: for obj_type in ['detection', 'visibility']: tcnt = len([obj for obj in technique_data[obj_type] if get_latest_score(obj) >= 0])
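Review bot: In the `@@ -328` hunk, `x['showSubtechniques'] = True` is inserted between the data-source metadata appends and the `# Metadata for detection and visibility:` comment, so a top-level technique key is set in the middle of metadata construction. The two earlier hunks in this file place it directly after `x['score'] = s`. Putting it beside the other top-level keys of `x` in `_map_and_colorize_techniques_for_overlaid` would keep the three functions parallel and make a missing key easier to spot. The function body starts and ends outside the hunk.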