glowbase / decider

A web application assisting network defenders, analysts, and researchers in the process of mapping adversarial behaviors to MITRE ATT&CK, ACSC ISM and NIST 800-53 frameworks.

Mitigations Import with Deterministic Identifiers #3

Closed allan-korol closed 2 months ago

allan-korol commented 2 months ago

The current data that is loaded by the convert.py script does not contain 'id' fields for entities, as the enterprise-attack JSON files do.

To load data into a database and allow it to be updated, deterministic identifiers need to be constructed for entities extracted from the mappings.xlsx.

allan-korol commented 2 months ago

Looking more into the current code of the import, the files app/util/db/* do the heavy lifting, in particular create/attack/init.py.

The tact_tech_map function is similar to what is needed for the mitigation imports (the equivalent being mit_tech_map).

This can provide a template of what needs to be done to implement the mitigations import into the database.

With respect to this issue, identifiers are generated by the program, and columns (such as shortname) are used to find tactics/techniques in the database based on their T/TA #.
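
One way to build the deterministic identifiers this issue asks for, as an added example that is not code from the decider repository: a name-based UUID (version 5) is derived from the framework name and control number, so re-importing the spreadsheet updates existing rows instead of duplicating them. The namespace string, the table layout, the `course-of-action--` prefix choice, and the sample rows are assumptions made for illustration; only the `mit_tech_map` name comes from the discussion above.

```python
import sqlite3
import uuid

# Assumption: a fixed namespace chosen once by the project (constructed here).
NAMESPACE = uuid.uuid5(uuid.NAMESPACE_URL, "https://example.invalid/decider/mitigations")

# Constructed sample rows standing in for mappings.xlsx:
# (framework, control number, control name, ATT&CK technique id)
ROWS = [
    ("NIST 800-53", "AC-2", "Account Management", "T1078"),
    ("ACSC ISM", "ISM-0000", "Placeholder control", "T1078"),
]

def mitigation_id(framework: str, control: str) -> str:
    """Same framework + control always yields the same id, regardless of
    stray whitespace or letter case in the spreadsheet cell."""
    key = f"{framework.strip().lower()}:{control.strip().upper()}"
    return f"course-of-action--{uuid.uuid5(NAMESPACE, key)}"

def import_rows(db: sqlite3.Connection, rows) -> int:
    """Idempotent import: upsert mitigations, link them to techniques,
    and return the number of mitigation rows now stored."""
    db.execute("CREATE TABLE IF NOT EXISTS mitigation ("
               "id TEXT PRIMARY KEY, framework TEXT, control TEXT, name TEXT)")
    db.execute("CREATE TABLE IF NOT EXISTS mit_tech_map ("
               "mitigation_id TEXT, tech_id TEXT, "
               "PRIMARY KEY (mitigation_id, tech_id))")
    for framework, control, name, tech_id in rows:
        mid = mitigation_id(framework, control)
        # The deterministic id is the conflict target, so a changed name
        # in a later spreadsheet revision updates the existing row.
        db.execute("INSERT INTO mitigation VALUES (?, ?, ?, ?) "
                   "ON CONFLICT(id) DO UPDATE SET name = excluded.name",
                   (mid, framework.strip(), control.strip().upper(), name))
        db.execute("INSERT OR IGNORE INTO mit_tech_map VALUES (?, ?)",
                   (mid, tech_id))
    db.commit()
    return db.execute("SELECT COUNT(*) FROM mitigation").fetchone()[0]

if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    print(import_rows(conn, ROWS))  # first load
    print(import_rows(conn, ROWS))  # reload: same count, no duplicates
```
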