Closed SofiaArancibia closed 5 years ago
HI @SofiaArancibia - one option that doesn't require downloading the ATT&CK STIX content is querying our TAXII server instead. This blog post gives an example of how to do this using the stix2/taxii2client Python libraries. If you're just looking for the techniques in the enterprise matrix, you can just filter on attack-patterns as seen in that example.
If you aren't using Python, another thing you can do is send a GET request for the full set of raw domain STIX/JSON content found at https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json (these also can be found for ATT&CK for Mobile or PRE-ATT&CK). Then you can parse the ATT&CK content using whatever method you choose.
Hopefully this helps, but if you have any further questions please let us know!
Closing as this appears to be resolved.
From here I understand that in order to query MITRE matrix I need to download
enterprise-attack
data source (for instance). But how can I query the matrix without downloading anything?