alatif113
commented
10 months ago Is there a JSON equivalent for d3fend? Can definitely add, would just need to format the data in a way the visualization can read it.
Closed jacobappleton-orbis closed 9 months ago
alatif113
commented
10 months ago Is there a JSON equivalent for d3fend? Can definitely add, would just need to format the data in a way the visualization can read it.
jacobappleton-orbis
commented
9 months ago I can see a few different JSON ontology files here: https://d3fend.mitre.org/resources/ontology/.
There's also an API that can be queried, which might provide more useful JSON data: https://d3fend.mitre.org/api-docs/
alatif113
commented
9 months ago Thanks for the references. This has been added in version 1.8.0 available here while it goes through SplunkBase app inspection. Your data will need to have rows aligned to D3FEND technique IDs (e.g., D3-SVCDM for Service Dependency Mapping)
First off, thanks for building an awesome visualisation tool - it really helps to visualise coverage of MITRE ATT&CK!
I'd love to be able to do the same thing with MITRE D3FEND: https://d3fend.mitre.org/ so that we can map things like the D3FEND tactics from SOAR playbook tags (ingested via SOAR app for Splunk) onto that framework.
The data model has a similar structure to MITRE ATT&CK, so I imagine this should be possible to achieve.
Happy to get involved to help make this happen.