updated matrix descriptions
adpare committed Sep 10, 2024
1 parent d8aad19 commit aba55e7
Showing 1 changed file with 35 additions and 48 deletions.
83 changes: 35 additions & 48 deletions modules/matrices/matrices_config.py
Expand Up @@ -49,9 +49,8 @@
"macOS",
"Linux",
"PRE",
"Azure AD",
"Office 365",
"Google Workspace",
"Office Suite",
"Identity Providers",
"SaaS",
"IaaS",
"Network",
Expand All @@ -64,88 +63,79 @@
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/pre",
"platforms": ["PRE"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering preparatory techniques.",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> PRE platform. The techniques below take place outside of the victim environment, often as a preparatory measure to support targeting.",
"subtypes": [],
},
{
"name": "Windows",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/windows",
"platforms": ["Windows"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Windows platform. The techniques below are known to target hosts running Microsoft Windows operating systems.",
"subtypes": [],
},
{
"name": "macOS",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/macos",
"platforms": ["macOS"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> macOS platform. The techniques below are known to target hosts running macOS operating systems.",
"subtypes": [],
},
{
"name": "Linux",
"type": "local",
"matrix": "enterprise-attack",
"platforms": ["Linux"],
"platforms": [],
"path": "enterprise/linux",
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise. ",
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Linux platform. The techniques in the below matrix are known to target hosts running Linux operating systems.",
"subtypes": [],
},
{
"name": "Cloud",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/cloud",
"platforms": ["Azure AD", "Office 365", "Google Workspace", "SaaS", "IaaS"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering cloud-based techniques.",
"platforms": ["Office Suite", "Identity Providers", "SaaS", "IaaS"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> cloud platforms.",
"subtypes": [
{
"name": "Office 365",
"name": "Office Suite",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/cloud/office365",
"platforms": ["Office 365"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering cloud-based techniques. ",
"path": "enterprise/cloud/officesuite",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Office Suite platform. The techniques in the below matrix are known to target cloud-based office application suites such as Microsoft 365 and Google Workspace. Office application suites are SaaS platforms that typically combine email, chat, document management, and automation functionality for use in a collaborative environment.",
"subtypes": [],
},
{
"name": "Azure AD",
"name": "Identity Providers",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/cloud/azuread",
"platforms": ["Azure AD"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering cloud-based techniques. ",
"subtypes": [],
},
{
"name": "Google Workspace",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/cloud/googleworkspace",
"platforms": ["Google Workspace"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering cloud-based techniques. ",
"path": "enterprise/cloud/identityproviders",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Identity Providers platform. The techniques below are known to target cloud-based identity-as-a-service (IDaaS) platforms such as Microsoft Entra ID and Okta. Identity providers are SaaS platforms that support identity management and single sign-on across multiple applications.",
"subtypes": [],
},
{
"name": "SaaS",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/cloud/saas",
"platforms": ["SaaS"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering cloud-based techniques. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> SaaS platform. The techniques below are known to target cloud-based software-as-a-service (SaaS) platforms. SaaS encompasses cloud-hosted applications with a variety of functionality.",
"subtypes": [],
},
{
"name": "IaaS",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/cloud/iaas",
"platforms": ["IaaS"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering cloud-based techniques. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> IaaS platform. The techniques below are known to target cloud-based infrastructure-as-a-service (IaaS) platforms. IaaS encompasses cloud-hosted infrastructure, such as virtual machines, object storage, databases, and serverless functionality.",
"subtypes": [],
},
],
Expand All @@ -155,17 +145,17 @@
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/network",
"platforms": ["Network"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering techniques against network infrastructure devices. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Network platform. The techniques below are known to target network devices such as routers, switches, and load balancers.",
"subtypes": [],
},
{
"name": "Containers",
"type": "local",
"matrix": "enterprise-attack",
"path": "enterprise/containers",
"platforms": ["Containers"],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Enterprise covering techniques against container technologies. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Containers platform. The techniques below are known to target containers and container orchestration systems such as Kubernetes.",
"subtypes": [],
},
],
Expand All @@ -176,16 +166,15 @@
"matrix": "mobile-attack",
"path": "mobile",
"platforms": ["Android", "iOS"],
"descr": "Below are the tactics and techniques representing the two MITRE ATT&CK<sup>&reg;</sup> Matrices for Mobile. "
"The Matrices cover techniques involving device access and network-based effects that can be used by adversaries without device access. ",
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Matrix for Mobile. The Matrix covers techniques involving device access and network-based effects that can be used by adversaries without device access.",
"subtypes": [
{
"name": "Android",
"type": "local",
"matrix": "mobile-attack",
"path": "mobile/android",
"platforms": ["Android"],
"descr": "Below are the tactics and techniques representing the two MITRE ATT&CK<sup>&reg;</sup> Matrices for Mobile. "
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> Android platform. The techniques below are known to target mobile devices running Android operating systems."
"The Matrices cover techniques involving device access and network-based effects that can be used by adversaries without device access. ",
"subtypes": [],
},
Expand All @@ -194,9 +183,8 @@
"type": "local",
"matrix": "mobile-attack",
"path": "mobile/ios",
"platforms": ["iOS"],
"descr": "Below are the tactics and techniques representing the two MITRE ATT&CK<sup>&reg;</sup> Matrices for Mobile. "
"The Matrices cover techniques involving device access and network-based effects that can be used by adversaries without device access. ",
"platforms": [],
"descr": "Below are the tactics and techniques representing the MITRE ATT&CK<sup>&reg;</sup> iOS platform. The techniques below are known to target mobile devices running iOS operating systems.",
"subtypes": [],
},
],
Expand Down Expand Up @@ -225,9 +213,8 @@
"Windows": "enterprise/windows",
"macOS": "enterprise/macos",
"Linux": "enterprise/linux",
"Azure AD": "enterprise/cloud/azuread",
"Office 365": "enterprise/cloud/office365",
"Google Workspace": "enterprise/cloud/googleworkspace",
"Office Suite": "enterprise/cloud/officesuite",
"Identity Providers": "enterprise/cloud/identityproviders",
"SaaS": "enterprise/cloud/saas",
"IaaS": "enterprise/cloud/iaas",
"Network": "enterprise/network",
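Review bot: In the Android entry the new `descr` string has no trailing comma and the old continuation line `"The Matrices cover techniques involving device access ..."` is still present, so Python's implicit string concatenation joins the two. The page would then read "...running Android operating systems.The Matrices cover ..." with no space and a stale sentence about "the Matrices"; the hunk header (16 old lines, 15 new) is consistent with that line being unchanged context rather than a removal. The iOS entry dropped the same line, so Android should match: end the new string with `operating systems.",` and delete the leftover line. Separately, every leaf matrix now carries `"platforms": []`, and the code that consumes this list is not visible here; it is worth confirming that an empty list still resolves to the intended platform and does not render an unfiltered or empty matrix, since these pages are used for technique-coverage mapping.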