0938ad2906
Merge branch 'development' of https://github.com/marcusbakker/DeTTECT-private into development
2019-12-12 16:02:20 +01:00
c18dc294ed
Typo
2019-12-12 15:50:27 +01:00
b6cc65bc23
Fixed a bug that caused an invalid health error message.
2019-12-12 15:21:27 +01:00
b3cca244d6
Added a 'platform' key-value pair
2019-12-12 15:07:56 +01:00
26af7a4e26
Several small changes in some text.
2019-12-11 10:43:08 +01:00
d545b5e040
bumped the version to 1.2.6
2019-12-11 10:41:39 +01:00
80c8ad13ec
Updated the package plotly to it latest version
2019-12-11 10:40:17 +01:00
afea99cfee
Added new functionality to include all ATT&CK techniques when generating a YAML file based on a data source YAML file.
2019-12-09 15:26:48 +01:00
ed14d04a90
Multiple small changes (the listed techniques and/or assigned scores are unchanged)
2019-12-06 16:16:33 +01:00
102f962c9a
Fixed the scoring
2019-12-06 14:28:58 +01:00
b6a00a3955
Added new functionality to support a platform key-value pair in a group YAML file.
2019-12-06 13:50:16 +01:00
64eb960c18
Added a group YAML file and layer for: the top 10 MITRE ATT&CK techniques Red Canary detected against the retail sector in 2019.
2019-12-06 13:25:33 +01:00
2aea279f87
Added an extra health check for an empty item in the key-value pair 'applicable_to'.
2019-12-05 16:07:02 +01:00
9885c63feb
Renamed "Data completeness" to "Data field completeness"
2019-12-05 15:53:57 +01:00
e30e9ada16
fixed an issue that resulted in dates to be represented as strings
2019-12-05 15:44:36 +01:00
ee98d1bd8a
Added new functionality that provides the capability to search over custom key-value pairs within a technique administration YAML file.
2019-12-05 14:45:34 +01:00
40657c4e06
Removing revoked ATT&CK STIX objects
2019-12-05 10:46:44 +01:00
c6ad00331a
- Fixed a bug that could result in an invalid message in the Excel for a missing ATT&CK data sources
...
- Added a health check for when the data source YAML file is missing an ATT&CK data source
2019-12-05 10:45:24 +01:00
93dea65bbf
Added a health check for when the data source YAML file is missing an ATT&CK data source
2019-12-05 10:43:07 +01:00
4a73fb52e3
Updated all packages to their latest version.
2019-12-05 10:37:43 +01:00
567951174a
The cumulative count was broken due to upgrade of Pandas to version 0.25.3
2019-12-05 10:37:11 +01:00
b185de70e4
Fixed the 'date_connected' for the source 'Office 365 audit logs'.
2019-12-05 10:35:53 +01:00
28b26fb92c
Small fixes
2019-12-05 08:43:42 +01:00
a952c34cac
Added new checks to make sure the metadata in a Navigator layer file is compliant with the expected data structure. Reported by @Sreeman.
2019-12-04 14:51:56 +01:00
a72add80c1
Fixed a bug that resulted (within specific circumstance) in a wrong colour for visibility, when detection coverage is overlaid with visibility. Reported by @Sreeman.
2019-12-04 10:39:11 +01:00
4e2f7b1adc
Added an extra health check for an empty item in the key-value pair 'location' of a detection. Reported by @Sreeman.
2019-11-29 12:22:10 +01:00
dc092696f2
Fixed of a bug that caused a crash when having a None value for a detection or visibility comment. Reported by @Sreeman.
2019-11-29 12:17:33 +01:00
64eb0fbc5d
Merge branch 'master' of development branch
2019-11-19 11:53:59 +01:00
2be0549293
rename files
2019-11-19 11:46:22 +01:00
400495ca03
Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private
2019-11-19 11:39:32 +01:00
c10f20b1b2
Added group yaml and layer file for the "ATT&CK Techniques and Trends in Windows Malware" publication by Kris Oosthoek and Christian Doerr.
2019-11-19 11:39:25 +01:00
734aceebe3
Removed unnecessary code from the function "data_source_search"
2019-11-19 11:28:01 +01:00
be31da063c
Bumped the version to 1.2.5
2019-11-19 10:26:02 +01:00
7aacb7feb1
A fix for a bug that broke EQL searches on Data Source Administration YAML files
2019-11-19 10:10:15 +01:00
fdd4f7b4b7
Fixed two bugs:
...
- Using 'all' in a data soursce file to generate a YAML file does not work: empty file.
- Having 'all' in a data source and then use --yaml result in a weird filename: data-sources-a-l-l
2019-11-18 14:27:25 +01:00
77e580952e
Merge remote-tracking branch 'origin/master'
2019-11-15 20:52:27 +01:00
74bba89627
Added the platforms from the October update.
2019-11-15 20:51:51 +01:00
fb3a5982b8
Fix for a small bug that resulted in a stacktrace when using an invalid group name as overlay.
2019-11-14 15:12:26 +01:00
dd4708a440
A small bug fix that resulted in an invalid Navigator layer file for a group/threat actor heat map, or when overlaid with a group, visibility or detection coverage.
2019-11-14 15:09:36 +01:00
c208d67e0f
Bumped the version to 1.2.4
2019-11-14 14:46:59 +01:00
3c1105c247
Merge branch 'master' of https://github.com/rabobank-cdc/DeTTECT
2019-11-07 08:55:14 +01:00
4205e58ae7
Changed the blog URL.
2019-11-07 08:54:58 +01:00
370071bb7e
Merge branch 'development'
2019-11-06 12:58:06 +01:00
43360f6242
Removed the platform "Azure"
2019-11-06 12:56:51 +01:00
a93cd9732c
Added Group YAML Files and Navigator layers for CrowdStrike's 2019 Mid-Year OverWatch Report.
2019-11-06 12:29:09 +01:00
d2d24824f5
Merge branch 'development'
2019-11-05 13:54:23 +01:00
207162f29b
Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private
2019-11-05 10:21:48 +01:00
f67cb194d4
Improved handling of multiple possible values for platform.
2019-11-05 10:21:42 +01:00
6dd96dff72
Added the new ATT&CK data sources from the October update.
2019-11-05 08:50:46 +01:00
b9188ad50e
Merge branch 'master' of https://github.com/marcusbakker/DeTTECT-private
2019-11-05 08:50:12 +01:00
Ruben Bouman
Marcus Bakker