attack-control-framework-mappings
tram
attack-control-framework-mappings | tram | |
---|---|---|
3 | 3 | |
465 | 392 | |
- | 2.3% | |
4.6 | 7.9 | |
29 days ago | 3 months ago | |
Python | Jupyter Notebook | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
attack-control-framework-mappings
-
Is there a Mitre Att&ck mapping to NIST Threat Events?
Here's a mapping to 800-53: https://ctid.mitre-engenuity.org/our-work/nist-800-53-control-mappings/
- NIST 800-53 Control Mappings to MITRE ATT&CK. Pretty handy, if you like that sort of thing…
-
What are the most important metrics for measuring cloud and endpoint security?
BlindSPOT: https://blindspotsec.com/ Specific graphic from BlindSPOT: https://blindspotsec.com/wp-content/uploads/2021/04/Failure_Before.jpg How to Measure Anything in Cybersecurity Risk: https://www.amazon.com/dp/B01J4XYM16/ Monte Carlo simulation approach: https://embracethered.com/blog/posts/2020/red-teaming-and-monte-carlo-simulations/ D3FEND: https://d3fend.mitre.org/ ATT&CK mappings: https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings ATT&CK evals: https://attackevals.mitre-engenuity.org/index.html CALDERA: https://github.com/mitre/caldera Offensive Countermeasures: https://www.amazon.com/dp/1974671690/ SPIFFE: https://spiffe.io/ SPIRE: https://github.com/spiffe/spire Zerotier: https://www.zerotier.com/ Zerotier libzt: https://github.com/zerotier/libzt
tram
-
MITRE ATT&CK Labeled CTI reports
Check out TRAM https://github.com/center-for-threat-informed-defense/tram/
- Tool for MITRE Mapping
-
TRAM: Advancing Research into Automated TTP Identification in Threat Reports.
I think you may be looking at the wrong repo: https://github.com/center-for-threat-informed-defense/tram/issues. Did you read the article? It’s basically about how it was created in 2019 but they’ve just redesigned and reworked it, that’s what the article is about.
What are some alternatives?
caldera - Automated Adversary Emulation Platform
Go-MISPFeedGenerator - Golang implementation of PyMISP-feedgenerator
ZeroTier - A Smart Ethernet Switch for Earth
adversary_emulation_library - An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
caldera_pathfinder - Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
DeTTECT - Detect Tactics, Techniques & Combat Threats
libzt - Encrypted P2P sockets over ZeroTier
attack-stix-data - STIX data representing MITRE ATT&CK
tram - Threat Report ATT&CKâ„¢ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.