Fix validation errors for network_traffic

center-for-threat-informed-defense / attack-flow

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

https://ctid.io/attack-flow

Apache License 2.0

522 stars 83 forks source link

Fix validation errors for network_traffic #77

Closed mehaase closed 11 months ago

mehaase commented 1 year ago

protocols requires at least one item in the list
network traffic must have either a src_ref or a dst_ref, which in turn must be an IP, MAC, or domain name node

The latter point is rather complicated, because it needs to be handled at both the validator and publisher level, and it means that a network traffic's parent can be embedded in the network traffic if the parent has the proper type.

sonarcloud[bot] commented 11 months ago

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities
0 Security Hotspots
1 Code Smell

No Coverage information
0.0% Duplication