Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
This branch was created to tackle some small tickets that did not take enough work to justify multiple branches. Main work consists of adding cases for attaching object refs, and associated validation warnings.
Tickets encapsulated:
- [x] AF-164: Report
  - publishing with object references
  - validator warning to block publishing without object references
- [ ] AF-165: Observed data (in-progress for restricting type of attached object)
  - publishing with object references
  - validator warning to block publishing without object references
  - remaining task:
    - validator blocking for incorrect attached object type (must be of type `observable`)
- [x] AF-167: Autonomous system
  - small fix to publish with incorrect type for `number`
- [x] AF-169: Grouping
  - publishing with object references
  - validator warning to block publishing without object references
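
The publish-time checks listed in the tickets above, sketched as an added TypeScript example (not code from the Attack Flow repository). The function name `validateForPublish`, the finding messages and the sample objects are assumptions; the observable type names are the STIX 2.1 cyber-observable types.

```typescript
// Added example, not Attack Flow's own validator. Rules follow the checklist above.
type StixObject = { type: string; id: string; [key: string]: unknown };
type Finding = { id: string; message: string };

// STIX 2.1 cyber-observable (SCO) type names.
const SCO_TYPES = new Set<string>([
  "artifact", "autonomous-system", "directory", "domain-name", "email-addr",
  "email-message", "file", "ipv4-addr", "ipv6-addr", "mac-addr", "mutex",
  "network-traffic", "process", "software", "url", "user-account",
  "windows-registry-key", "x509-certificate",
]);

// Object types from the checklist that must carry object references.
const NEEDS_REFS = new Set<string>(["report", "observed-data", "grouping"]);

// A STIX id is "<type>--<uuid>", so the referenced type is the id prefix.
function refType(ref: string): string {
  const i = ref.indexOf("--");
  return i < 0 ? "" : ref.slice(0, i);
}

// Hypothetical publish gate: an empty result means the flow may be published.
function validateForPublish(objects: StixObject[]): Finding[] {
  const findings: Finding[] = [];
  for (const obj of objects) {
    if (NEEDS_REFS.has(obj.type)) {
      const refs = obj["object_refs"];
      if (!Array.isArray(refs) || refs.length === 0) {
        findings.push({ id: obj.id, message: `${obj.type} has no object_refs` });
      } else if (obj.type === "observed-data") {
        // Observed data may only reference observables.
        for (const ref of refs) {
          const t = typeof ref === "string" ? refType(ref) : "";
          if (!SCO_TYPES.has(t)) {
            findings.push({ id: obj.id, message: `non-observable ref: ${String(ref)}` });
          }
        }
      }
    }
    // The AS number must be an integer, not a numeric string.
    if (obj.type === "autonomous-system" && !Number.isInteger(obj["number"])) {
      findings.push({ id: obj.id, message: "number must be an integer" });
    }
  }
  return findings;
}

// Constructed sample objects (ids are shortened, made-up values).
const SAMPLE: StixObject[] = [
  { type: "report", id: "report--0001", object_refs: [] },
  { type: "grouping", id: "grouping--0002", object_refs: ["ipv4-addr--0003"] },
  { type: "observed-data", id: "observed-data--0004",
    object_refs: ["ipv4-addr--0003", "malware--0005"] },
  { type: "autonomous-system", id: "autonomous-system--0006", number: "64512" },
];
```

Running `validateForPublish(SAMPLE)` flags the empty report, the observed-data reference to a non-observable, and the string-typed AS number, while the grouping passes.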