Multiple website updates

center-for-threat-informed-defense / mappings-explorer

Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogued in the MITRE ATT&CK® knowledge base. These mappings form a bridge between the threat-informed approach to cybersecurity and the traditional security controls perspective.

https://ctid.io/mappings-explorer

Apache License 2.0

25 stars 6 forks source link

Multiple website updates #73

Closed mehaase closed 4 months ago

mehaase commented 4 months ago

This PR contains 3 tickets:

MAPEX-170: adds the VERIS - ATT&CK Group mappings. This is quick and dirty to get them onto the website, and I opened up another ticket to improve handling of ATT&CK Groups in the future. If you go to the VERIS landing page (for 1.3.7 and 12.1), you'll see a link to download the ATT&CK Group mappings in the original JSON format (note: not in the mapex schema.)
MAPEX-141: update the README to describe various modes of public contribution.
MAPEX-163: add project scope/methodology documents to framework landing pages.

codecov[bot] commented 4 months ago

Welcome to Codecov :tada:

Once merged to your default branch, Codecov will compare your coverage reports and display the results in this comment.

Thanks for integrating Codecov - We've got you covered :open_umbrella:

mehaase commented 4 months ago

@tiffb Can you take a look at this? A few things to look at:

I added pages to the "About" section for:
- CVE Methodology
- NIST Methodology
- NIST Scope
- SSM Methodology
- VERIS Methodology
The new pages are also linked from their respective framework pages, e.g. the CVE page links to the CVE methodology.
The VERIS groups file can be downloaded from the VERIS page.
Updated the README to include some more contribution details (and also re-arranged the existing content to match our other projects)