Added "Rapid7 Quarterly Threat Report Q1 2019"
parent
95e9a4b068
commit
787ca07afb
@ -0,0 +1,35 @@
%YAML 1.2
---
version: 1.0
file_type: group-administration
groups:
-
group_name: Rapid7 Quarterly Threat Report Q1 2019
campaign:
technique_id:
T1195: 2
T1059: 2
T1106: 2
T1035: 2
T1204: 2
T1189: 3
T1407: 9 # mobile technique
T1018: 10
T1219: 16
T1496: 20
T1105: 40
T1071: 45
T1165: 50
T1060: 50
T1021: 60
T1486: 77
T1082: 90
T1027: 91
T1064: 96
T1133: 97
T1114: 99
T1472: 99 # mobile technique
T1411: 99
software_id: []
enabled: True
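Review bot: `T1411: 99` carries no `# mobile technique` marker although T1407 and T1472 do, and as far as I can tell all three T14xx IDs belong to the Mobile ATT&CK matrix rather than Enterprise. Mark it the same way, `T1411: 99 # mobile technique`, so anyone building an enterprise layer from this file can see that three entries (two of them top-scored) will not map. The values under `technique_id` are also undocumented; if they are a relative frequency taken from the report, a comment above the mapping such as `# value = relative frequency in the report, 0-99 (higher = seen more often)` would stop a detection team from reading them as raw counts.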
@ -0,0 +1,30 @@
{"name": "Attack Windows", "version": "2.1", "domain": "mitre-enterprise", "description": "stage: attack | platform: Windows | group(s): Rapid7 Quarterly Threat Report Q1 2019 | overlay group(s): ", "filters": {"stages": ["act"], "platforms": ["windows"]},
"sorting": 3, "viewMode": 0, "hideDisable": false, "techniques": [{"techniqueID": "T1018", "score": 10, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1219", "score": 16, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1195", "score": 2, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1064", "score": 96, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1071", "score": 45, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1189", "score": 3, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1204", "score": 2, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1486", "score": 77, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1496", "score": 20, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1060", "score": 50, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1165", "score": 50, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1407", "score": 9, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1114", "score": 99, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1021", "score": 60, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1027", "score": 91, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1106", "score": 2, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1059", "score": 2, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1082", "score": 90, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1411", "score": 99, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1133", "score": 97, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1472", "score": 99, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1035", "score": 2, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]},
{"techniqueID": "T1105", "score": 40, "metadata": [{"name": "-Groups", "value": "Rapid7 Quarterly Threat Report Q1 2019"}]}], "showTacticRowBackground": false, "tacticRowBackground": "#dddddd", "selectTechniquesAcrossTactics": true, "gradient": {"colors": ["#ffcece", "#ff0000"], "minValue": 0, "maxValue": 99},
"legendItems": [{"label": "Tech. not often used", "color": "#ffcece"},
{"label": "Tech. used frequently", "color": "#ff0000"},
{"label": "Groups overlay: tech. in group + overlay", "color": "#f9a825"},
{"label": "Groups overlay: tech. in overlay", "color": "#ffee58"},
{"label": "Src. of tech. is only software", "color": "#0d47a1 "},
{"label": "Src. of tech. is group(s)/overlay + software", "color": "#64b5f6 "}]}
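Review bot: The layer declares `"domain": "mitre-enterprise"` with platform `windows`, yet its `techniques` array includes T1407, T1472 and T1411, which look like Mobile ATT&CK IDs. An enterprise Navigator view will most likely not render them, so two of the three score-99 entries drop silently out of the heat map a defender would use to rank detection gaps. Either leave them out of this layer or ship a separate mobile layer; if the file is generated, the filter belongs in the generator. Separately, the last two `legendItems` colours carry a trailing space (`"#0d47a1 "`, `"#64b5f6 "`) and should read `"#0d47a1"` and `"#64b5f6"`, since a strict colour parser may reject the padded value.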