31 Commits (23b0324e75d6c063f93087c368c86c8677498343)

Author SHA1 Message Date
Ruben 23b0324e75 Bugfix: date in auto updated yaml file was in YYYY-MM-DD format, which errors when auto updating the YAML again. Using long datetime format like in the Editor. 2020-04-16 15:18:27 +02:00
Ruben Bouman b17d02733b bugfix on filtering data sources 2020-03-16 10:29:30 +01:00
Marcus Bakker 363beab8a5 Mapped data sources to platforms 2020-02-10 12:17:00 +01:00
Marcus Bakker c93bb12216 Resolved issue #15 2020-01-06 12:00:27 +01:00
Marcus Bakker afea99cfee Added new functionality to include all ATT&CK techniques when generating a YAML file based on a data source YAML file. 2019-12-09 15:26:48 +01:00
Marcus Bakker b6a00a3955 Added new functionality to support a platform key-value pair in a group YAML file. 2019-12-06 13:50:16 +01:00
Marcus Bakker c6ad00331a - Fixed a bug that could result in an invalid message in the Excel for a missing ATT&CK data sources
- Added a health check for when the data source YAML file is missing an ATT&CK data source
2019-12-05 10:45:24 +01:00
Marcus Bakker 567951174a The cumulative count was broken due to upgrade of Pandas to version 0.25.3 2019-12-05 10:37:11 +01:00
Ruben Bouman fdd4f7b4b7 Fixed two bugs:
- Using 'all' in a data source file to generate a YAML file does not work: empty file.
- Having 'all' in a data source and then using --yaml results in a weird filename: data-sources-a-l-l
2019-11-18 14:27:25 +01:00
Ruben Bouman f67cb194d4 Improved handling of multiple possible values for platform. 2019-11-05 10:21:42 +01:00
Ruben Bouman b5f970b8c2 Added support for new platforms of ATT&CK October update: AWS, GCP, Azure, Azure AD, Office 365, SaaS.
Added support for using multiple values in platform attribute in data sources administration and techniques administration files.

Added health check on platform attribute in techniques administration file.

Updated support for ATT&CK Navigator layer version 2.2.
2019-11-04 14:48:58 +01:00
Marcus Bakker 0c15c1ffde Fixed a bug that caused a crash when having empty technique ID entries within the 'exception' list of a data source administration YAML file. 2019-10-17 13:51:28 +02:00
Marcus Bakker 3c341ce9a9 Fixed a bug within the YAML visibility update functionality. 2019-09-19 15:49:59 +02:00
Marcus Bakker 14852fb24a Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private 2019-08-20 11:16:05 +02:00
Marcus Bakker da23777631 - Excel columns made wider.
- Removed deprecated functionality.
2019-08-20 11:15:26 +02:00
Ruben Bouman 45ca1b9e81 Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private 2019-08-20 09:15:52 +02:00
Ruben Bouman 90fc9278c9 Don't overwrite output files if they already exist, but append a number to the filename as suffix. 2019-08-20 09:15:41 +02:00
Marcus Bakker 84f9f0440a - Non-MITRE ATT&CK data sources are now also exported to Excel.
- Any ATT&CK data sources that are missing within the YAML file are added to the Excel with a comment stating it is missing.
2019-08-15 20:31:20 +02:00
Ruben Bouman 437f4f346d Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private 2019-08-15 15:34:36 +02:00
Ruben Bouman e4eca01168 small improvements 2019-08-15 15:34:31 +02:00
Marcus Bakker 4f045644f1 Fixed a bug that caused a crash when a technique_id was part of the exception list 2019-08-15 11:05:11 +02:00
Marcus Bakker 94e5470ccd Modified how the DQ overall scores is calculated. 2019-08-13 14:24:03 +02:00
Marcus Bakker 0a7be67477 - Multiple functions modified to be compatible with new EQL query functionality.
- Making use of StringIO within the function 'generate_technique_administration_file' instead of writing a temporary file to disk.
2019-08-08 14:48:22 +02:00
Marcus Bakker 9100cd2175 Changed the way the file is written. 2019-08-02 11:45:56 +02:00
Marcus Bakker 94f4913670 - Replaced PyYAML with ruamel.yaml
- Added new functionality for the auto-update of visibility scores.
- Made compatible with version 1.2 of the technique admin YAML file.
2019-07-31 10:13:46 +02:00
Marcus Bakker 3f4876a682 Increased performance by caching ATT&CK STIX objects where possible. 2019-07-15 14:55:39 +02:00
Marcus Bakker e251c6157c Made compatible with the latest version of attackcti (v0.2.6) 2019-07-13 14:40:24 +02:00
Ruben Bouman 78bc2f2842 Added support for multiple detections and visibility per technique in the technique administration YAML file.
Changed version number to 1.1.

Improvements and fixes for the new detections/visibility Excel sheet.
2019-05-02 13:21:01 +02:00
Ruben Bouman add18fc725 Added wrap_text and (v)aligns to Excel cells.
Added colors for detection, visibility and data quality scores in Excel sheets.
2019-04-24 17:16:11 +02:00
Marcus Bakker 72f1722746 Added support for tech. admin. file version 1.1 2019-04-23 13:22:03 +02:00
Marcus Bakker 8b5b397ebc initial commit 2019-03-29 15:26:25 +01:00