Open himynamesdave opened 10 months ago
It appears a lot of the code for object has been copied from ATT&CK repo (which is fine). However, it seems some hardcoded values have been incorrectly copied across, in kill_chain_phases and external_references, e.g.
kill_chain_phases
external_references
"kill_chain_phases": [ { "kill_chain_name": "mitre-attack", "phase_name": "drive-online-harms" } ], "external_references": [ { "source_name": "mitre-attack", "url": "https://github.com/DISARMFoundation/DISARM_framework/blob/master/techniques/T0048.004.md", "external_id": "T0048.004" } ],
Suggestion to replace hardcoded mitre-attack with DISARM
mitre-attack
DISARM
Can confirm, does not affect ATT&CK Navigator support
https://raw.githubusercontent.com/signalscorps/DISARM-STIX2/main/output/DISARM.json
It appears a lot of the code for object has been copied from ATT&CK repo (which is fine). However, it seems some hardcoded values have been incorrectly copied across, in
kill_chain_phases
andexternal_references
, e.g.Suggestion to replace hardcoded
mitre-attack
withDISARM