Admin Guide

Synapse-MITRE ATT&CK Admin Guide

Configuration

Synapse-MITRE ATT&CK does not require any API keys to be configured to use.

Dependencies

Synapse-MITRE ATT&CK requires the following Power-Ups to be installed:

Name   : synapse-fileparser
Version: >=4.3.0,<5.0.0
Desc   : Synapse-FileParser is required in order to use the mitre.attack.scrapefile command.

Synapse-MITRE ATT&CK will conflict with the following Power-Ups:

Name   : mitre-attack
Version: any
Desc   : Synapse-MITRE ATT&CK conflicts with a deprecated Power-Up named "mitre-attack".

Permissions

Package (synapse-mitre-attack) defines the following permissions:
power-ups.mitre-attack.user      : Controls user access to Synapse-MITRE ATT&CK. ( default: false )

You may add rules to users/roles directly from storm:

> auth.user.addrule visi power-ups.mitre-attack.user
Added rule power-ups.mitre-attack.user to user visi.

or:

> auth.role.addrule ninjas power-ups.mitre-attack.user
Added rule power-ups.mitre-attack.user to role ninjas.

Exported APIs

Synapse-MITRE ATT&CK does not currently export any APIs.

Node Actions

Synapse-MITRE ATT&CK provides the following node actions in Optic:

Name : mitre.attack.enrich
Desc : Enrich nodes using Synapse-MITRE ATT&CK
Forms: media:news, inet:web:post

Onload Events

Synapse-MITRE ATT&CK does not use any onload events.