search

mitre / cti

Cyber Threat Intelligence Repository expressed in STIX 2.0
Other
1.71k stars 410 forks source link

Missing Some Records in 'Data Sources' #219

Closed Naveen6557 closed 1 year ago

Naveen6557 commented 1 year ago

Hi

Some records are missing in 'Data Sources'.

i am using 'mitre-object.get_datasources(remove_revoked_deprecated=True)' method to pull all the Data Sources from 'enterprise-attack.json' file.

The above method is returning only 37 records where the UI is showing 41 records

The below given records are missing

Screenshot 2023-08-14 at 09 34 42 Screenshot 2023-08-14 at 09 34 52 Screenshot 2023-08-14 at 09 35 05 Screenshot 2023-08-14 at 09 35 22

Can any one help on this please

Thank you

clemiller commented 1 year ago

Hi @Naveen6557,

The list of Data Sources on the ATT&CK website is the complete list of Data Sources in Enterprise, Mobile, and ICS (altogether there are 41). Enterprise contains only 37 Data Sources. The 4 Data Sources you've listed above have relationships only with Mobile (DS0041 & DS0042) or ICS (DS0039 & DS0040) techniques and are not a part of the Enterprise dataset. If you would like to retrieve all 41 listed Data Sources, you would need to call get_datasources() on Enterprise, Mobile, and ICS.