ControlCompass / ControlCompass.github.io

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
https://controlcompass.github.io
MIT License

Brilliant, but can I access it programmatically? #2

Closed brettforbes closed 1 year ago

brettforbes commented 2 years ago

Hi,

Thanks for publishing Control Compass. It has one of the best sets of linkages of data around the ATT&CK data I have seen. This is really awesome.

I am building open source software for Vaticle TypeDB, and I have already built a bi-directional STIX <-> TypeDB ORM for the OASIS stix2 Python library. I am also including the ATT&CK to STIX mapping as shown by MITRE (https://github.com/mitre-attack/attack-stix-data/blob/master/USAGE.md).

Now I want to import your data into this open source database as well, using extensions to the Stix format. It really is brilliant. We will also be including an open source user interface, so we can also print it out like yours does.

Questions:

  1. What is the best way to programmatically access this data for loading into a Vaticle TypeDB database (e.g. file, API, etc.)?
  2. How frequently do you update the repo, and how do we access those updates? Can this update process be automated?

Thanks

ControlCompass commented 2 years ago

Hey @brettforbes thanks for the feedback! I anticipate the project isn't currently sophisticated enough for your needs but I'm actively working on enhancements and will keep this request/feedback in mind. Let me know which data elements are most useful to you and I'll make sure my response is accurate:

The best way to programmatically access data here is via cvc.json. Each object in that json array has an ATT&CK identifier/T-code, so you could reformat this into the ATT&CK STIX schema. Note that this simply provides the "counts" of resources (e.g. detection rules) for every source covered in the dataset. The resources folder is new and provides more granularity, but the files are formatted in markdown currently. I've considered ways to make these more accessible for programmatic use (e.g. a json), but I worry about the size and complexity of rolling all these details into a single file.

Recently I've updated this all ad hoc, about once every couple months, but within another month or two, I plan to update most/all resources on a weekly cadence. Stay tuned for an update on that.

Thanks again for the feedback and let me know any more questions.
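As an added example (not ControlCompass's or the stix2 library's own code) of the reshaping the maintainer suggests, the stdlib-only Python below turns a cvc.json-style array into STIX 2.1 attack-pattern dictionaries identified by their ATT&CK T-code. The sample array and its field names ("technique_id", "name", "counts") are constructed assumptions, since the real cvc.json layout is not shown in this thread.

```python
import json
import re
import uuid

# Constructed sample in the shape the maintainer describes: one object per ATT&CK
# technique with per-source resource counts. The field names ("technique_id",
# "name", "counts") are assumptions, not the real cvc.json schema.
SAMPLE_CVC_JSON = json.dumps([
    {"technique_id": "T1059", "name": "Command and Scripting Interpreter",
     "counts": {"sigma": 40, "atomic_red_team": 12}},
    {"technique_id": "T1059.001", "name": "PowerShell",
     "counts": {"sigma": 25, "atomic_red_team": 9}},
    {"technique_id": "bogus", "name": "Malformed entry", "counts": {}},
])

TCODE = re.compile(r"^T\d{4}(\.\d{3})?$")  # technique or sub-technique id

def attack_url(tid):
    """ATT&CK page for a T-code; sub-techniques use a slash, not a dot."""
    return "https://attack.mitre.org/techniques/" + tid.replace(".", "/")

def to_attack_pattern(entry):
    """STIX 2.1 attack-pattern dict for one entry, or None if the T-code is malformed.
    ATT&CK's STIX collection identifies techniques by an external_references entry
    with source_name "mitre-attack"; counts go in x_-prefixed custom properties."""
    tid = entry.get("technique_id", "")
    if not TCODE.match(tid):
        return None
    counts = dict(entry.get("counts", {}))
    return {
        "type": "attack-pattern",
        "spec_version": "2.1",
        # Deterministic id from the ATT&CK URL, so re-importing an updated
        # cvc.json updates objects instead of duplicating them.
        "id": "attack-pattern--" + str(uuid.uuid5(uuid.NAMESPACE_URL, attack_url(tid))),
        "name": entry.get("name", tid),
        "external_references": [
            {"source_name": "mitre-attack", "external_id": tid, "url": attack_url(tid)}],
        "x_cvc_counts": counts,
        "x_cvc_total": sum(counts.values()),
    }

def convert(cvc_json_text):
    """Parse a cvc.json array; return (STIX objects, skipped T-codes)."""
    objects, skipped = [], []
    for entry in json.loads(cvc_json_text):
        obj = to_attack_pattern(entry)
        (objects if obj else skipped).append(obj or entry.get("technique_id"))
    return objects, skipped
```

Entries whose identifier is not a well-formed T-code are reported rather than silently imported, which is the check worth keeping when the upstream file is refreshed on a schedule.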