Marcus Bakker
cf4a55081c
Added new functionality for Mitigations statistics
2019-08-01 15:02:06 +02:00
Marcus Bakker
5814446462
Added new constants for STIX
2019-08-01 15:00:09 +02:00
Marcus Bakker
a24f77146e
A pre-attack Navigator layer's filename no longer contains a platform (which it does not support)
2019-07-31 11:59:17 +02:00
Marcus Bakker
b3468a1060
- Added new functionality for the auto-upgrade from tech. admin. YAML file v1.1 to v1.2.
...
- Replaced PyYAML with ruamel.yaml.
2019-07-31 10:23:32 +02:00
Marcus Bakker
ef7f494cda
- Made compatible with the version 1.2 of the technique admin YAML file.
...
- Replaced PyYAML with ruamel.yaml.
2019-07-31 10:21:39 +02:00
Marcus Bakker
b2fdb25647
- Multiple functions made "private".
...
- Added new menu options.
2019-07-31 10:20:21 +02:00
Marcus Bakker
f4121bf4d0
- Replaced PyYAML with ruamel.yaml.
...
- Multiple functions made "private".
2019-07-31 10:19:51 +02:00
Marcus Bakker
d0f2a4946b
- Made compatible with version 1.2 of the technique admin YAML file.
...
- Added new functionality for the auto-update of visibility scores.
- Added multiple new generic functions.
- Multiple small improvements to the technique admin YAML file health check.
- Replaced PyYAML with ruamel.yaml.
- Multiple functions made "private".
- Made compatible with v0.2.7 of attackcti.
2019-07-31 10:18:57 +02:00
Marcus Bakker
6be77c3260
- Multiple functions made "private".
...
- Added new menu options.
2019-07-31 10:14:47 +02:00
Marcus Bakker
94f4913670
- Replaced PyYAML with ruamel.yaml
...
- Added new functionality for the auto-update of visibility scores.
- Made compatible with version 1.2 of the technique admin YAML file.
2019-07-31 10:13:46 +02:00
Marcus Bakker
b0ba153c32
- Updated the version to 1.2.0
...
- Added new constants for the tech v1.1 to v1.2 upgrade
- Added new constants for the auto-update visibility scores functionality
2019-07-31 10:09:06 +02:00
Marcus Bakker
539611dac7
- Updated to version 1.2 of the tech. administration file.
...
- Improved visibility scores due to the new data source: Process use of network.
2019-07-31 10:05:44 +02:00
Marcus Bakker
6a23aae605
Added the data source as available (with a high DQ): Process use of network
2019-07-30 20:51:18 +02:00
Marcus Bakker
1ea3547728
Added an empty data source administration YAML file
2019-07-30 14:41:06 +02:00
Marcus Bakker
23f903404a
- replaced PyYAML by ruamel.yaml (needed to preserve comments and block style and key ordering)
...
- updated attackcti to v0.2.7
2019-07-30 09:02:33 +02:00
Marcus Bakker
4e89105f04
Bugfix causing a red colour when score equals 0 in the visibility Navigator layer
2019-07-24 10:21:19 +02:00
Marcus Bakker
275a5ffdb3
Bug fix (tech ID was retrieved in the wrong way)
2019-07-18 10:40:45 +02:00
Marcus Bakker
f0f15ff2e1
Merge pull request #10 from rabobank-cdc/development
...
Upgrade to v1.1.2
2019-07-16 10:06:44 +02:00
Marcus Bakker
510616f6fb
Updated to version 1.1.2
2019-07-16 10:01:08 +02:00
Marcus Bakker
3f4876a682
Increased performance by caching ATT&CK STIX objects where possible.
2019-07-15 14:55:39 +02:00
Marcus Bakker
055724abca
Typos
2019-07-13 14:42:29 +02:00
Marcus Bakker
f3407f6ec4
- Made compatible with the latest version of attackcti (v0.2.6)
...
- Fixed a bug that caused the campaign name not to be displayed for a group (part of the Group YAML file)
2019-07-13 14:41:59 +02:00
Marcus Bakker
20408b9411
Removed the package git
2019-07-13 14:40:57 +02:00
Marcus Bakker
e251c6157c
Made compatible with the latest version of attackcti (v0.2.6)
2019-07-13 14:40:24 +02:00
Marcus Bakker
679fd81d1a
Upgraded packages to their latest version
2019-07-13 14:37:30 +02:00
Marcus Bakker
933d6a859f
Merge pull request #9 from rabobank-cdc/master
...
Merge dev. with master
2019-07-08 14:09:03 +02:00
Marcus Bakker
58bdb99c86
Add Dockerfile
2019-07-08 13:40:24 +02:00
Marcus Bakker
0a80380fe2
Changed name from DeTTACT to DeTTECT
2019-07-08 10:39:15 +02:00
Marcus Bakker
7fdc637d6c
Split layer into enterprise and mobile
2019-07-02 09:38:44 +02:00
Marcus Bakker
50b177f8dc
rename
2019-07-02 08:56:46 +02:00
Marcus Bakker
787ca07afb
Added "Rapid7 Quarterly Threat Report Q1 2019"
2019-07-02 08:54:28 +02:00
Marcus Bakker
95e9a4b068
Typos fix
2019-06-10 20:19:19 +02:00
Marcus Bakker
c2d607b854
fix of a broken img url
2019-05-23 10:25:38 +02:00
Marcus Bakker
77cac4f8aa
fix of a broken link
2019-05-23 10:14:10 +02:00
Marcus Bakker
75c4fa69f6
Merge pull request #7 from rabobank-cdc/development
...
Merge dev to master for version 1.1.1
2019-05-23 10:06:04 +02:00
Marcus Bakker
5fef4b6981
moved the overall to the top
2019-05-23 09:51:39 +02:00
Marcus Bakker
7db280b94c
updated the version from 1.1 to 1.1.1
2019-05-23 09:44:20 +02:00
Marcus Bakker
70a33fc018
update on text
2019-05-23 09:43:07 +02:00
Marcus Bakker
2dd9327955
removed an unnecessary print statement
2019-05-23 09:37:08 +02:00
Marcus Bakker
34aba1e278
Fixed a small bug causing an exception in the data source menu
2019-05-23 09:36:03 +02:00
Marcus Bakker
223b7801d2
fixed a typo in T1171
2019-05-22 10:00:27 +02:00
Marcus Bakker
2f480b0c4e
fixed a typo
2019-05-20 14:54:16 +02:00
Marcus Bakker
621ac3a367
updated help texts
2019-05-20 14:49:35 +02:00
Marcus Bakker
f10e4ea9ab
- The health function now checks for very similar values within the key-value pair 'applicable_to'. E.g. 'server' and 'servers'.
...
- The health function is now always called for technique admin files. Showing a generic error message if possible errors are found.
- Created new function 'check_file' to separate the functionality from 'check_file_type'.
2019-05-19 14:10:25 +02:00
Marcus Bakker
3de186c96e
added the health check to the menu
2019-05-17 14:08:17 +02:00
Marcus Bakker
bdb57f0270
Fixed some errors
2019-05-17 14:05:48 +02:00
Marcus Bakker
7c88bb46d8
Renamed the .yaml file and created Navigator layers.
2019-05-16 13:30:42 +02:00
Ruben Bouman
4b94efa651
Moved threat actor info from redcanary to new folder "threat-actor-data".
2019-05-16 08:24:14 +02:00
Ruben Bouman
111395c684
Merge branch 'development' of https://github.com/rabobank-cdc/DeTTACT into development
2019-05-15 14:43:32 +02:00
Ruben Bouman
9a9aa01355
Provided a groups YAML file for the Red Canary threat detection 2019 report, listing all frequently used techniques including lists per sector. Adjusted functionality in DeTT&CT to support the use of 'weight' in group files.
2019-05-15 14:43:25 +02:00