Hello everyone, and thank you for the great work you are doing with Navigator - it is an amazing tool! Nevertheless, I do have a request related to a "twice-a-year issue" connected with its use...
Since I (and - I assume - a lot of other people) use Navigator layers as a way to document detection coverage, threat models etc. in various environments/for various systems, it means that if I want these materials to stay up-to-date, I need to upgrade them every time a new version of ATT&CK is published. However, the current upgrade process is really not suited to upgrading layers containing hundred or more annotated (sub-)techniques (not to mention upgrading multiple such layers at a time). I would therefore like to ask if it would be possible to add an option for a "simplified upgrade", which would automatically copy all annotations on all techniques, which were "just" updated in between ATT&CK versions, and only asked for explicit user input for those techniques where, for example, mapping to tactics has changed, or where two techniques were merged between ATT&CK versions.
Since this would make the upgrade process manageable even for complexly annotated layers made with old ATT&CK versions, I'm sure it would save significant amounts of work to many people like me... And - as a bonus - it would make sensor mappings and similar MITRE/Engenuity projects made with older ATT&CK versions much more useful given that one could upgrade the mappings layers made for ATT&CK v8 to v15 (or v16) with just a few clicks, instead with few hundred, which would be realistically required today.
Hello everyone, and thank you for the great work you are doing with Navigator - it is an amazing tool! Nevertheless, I do have a request related to a "twice-a-year issue" connected with its use...
Since I (and - I assume - a lot of other people) use Navigator layers as a way to document detection coverage, threat models etc. in various environments/for various systems, it means that if I want these materials to stay up-to-date, I need to upgrade them every time a new version of ATT&CK is published. However, the current upgrade process is really not suited to upgrading layers containing hundred or more annotated (sub-)techniques (not to mention upgrading multiple such layers at a time). I would therefore like to ask if it would be possible to add an option for a "simplified upgrade", which would automatically copy all annotations on all techniques, which were "just" updated in between ATT&CK versions, and only asked for explicit user input for those techniques where, for example, mapping to tactics has changed, or where two techniques were merged between ATT&CK versions.
Since this would make the upgrade process manageable even for complexly annotated layers made with old ATT&CK versions, I'm sure it would save significant amounts of work to many people like me... And - as a bonus - it would make sensor mappings and similar MITRE/Engenuity projects made with older ATT&CK versions much more useful given that one could upgrade the mappings layers made for ATT&CK v8 to v15 (or v16) with just a few clicks, instead with few hundred, which would be realistically required today.