Closed marcusbakker closed 2 years ago
Hi @isaisabel, @jondricek and the ATT&CK team,
This inconsistency breaks our DeTT&CT pipeline, we would appreciate if you could look at this PR soon.
Regards, Ruben
Thanks for the contribution, and sorry for the delayed response. While we don't take pull requests directly into this repository, I'll pass the information provided here to the ICS team so they can make the required fixes on our internal ATT&CK Workbench instance for the next ATT&CK release. Version 11.3 will be released in July and I'll plan to have the team address this by then.
We just released v11.3 today, which includes these changes. Please be aware that the v12 release planned for October will have "source_name": "mitre-attack"
for all Techniques from Enterprise, Mobile, and ICS. You will need to read the x_mitre_domains
field on STIX Technique/attack-pattern objects to parse this in the future. I'm going to close this Pull Request now, but if you have further comments, feel free to leave them here.
"x_mitre_domains": [
"ics-attack"
],
Thanks for the heads-up Jared!
Hi ATT&CK team,
I've noticed that in 11 attack patterns for ICS the
source_name
within theexternal_references
is incorrect as it has the valuemitre-attack
instead ofmitre-ics-attack
.Regards, Marcus