mitre-attack / tram

Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.

Apache License 2.0

344 stars 65 forks source link

Support for ATT&CK sub-techniques #64

Closed rubinatorz closed 2 years ago

rubinatorz commented 3 years ago

Please Describe The Problem To Be Solved

July 8 MITRE released the sub-techniques version of ATT&CK. I would like to know when TRAM is going to support this sub-techniques release. I now need to run TRAM with "taxii-local: local-json" in the config file providing an old version of the STIX objects. It would be great to run TRAM against the online TAXII server and also to have support for mapping threat intelligence to sub-techniques.

Proposed Change

Support for sub-techniques.

rkzhang95 commented 3 years ago

same question

MarkDavidson commented 2 years ago

Hello @rubinatorz and thank you for the feature request! TRAM has moved to https://github.com/center-for-threat-informed-defense/tram/ and supports the subtechnique update of ATT&CK, so I am closing this issue.

Thank you!

rubinatorz commented 2 years ago

Yeah, I saw it! That's great!