Changelog

Synapse-MITRE ATT&CK Changelog

v2.3.0 - 2025-01-17

Features and Enhancements

• Updated deprecated $lib.list() usage to JSON style syntax.

v2.2.0 - 2024-06-28

Features and Enhancements

• The mitre.attack.sync command now creates it:mitre:attack:datasource and it:mitre:attack:data:component nodes.

v2.1.0 - 2024-05-15

Documentation

• Added migration documentation to the Admin Guide.

v2.0.0 - 2024-04-01

Features and Enhancements

• Populate it:mitre:attack:*:references, but no longer create referenced media:news nodes.

• Set it:mitre:attack:software:name to the MITRE id, and add the MITRE name to :names.

• Set it:mitre:attack:campaign:name to the MITRE id, and add the MITRE name to :names.

• Updates to the mitre.attack.translate command.

  • Deconflict all translated nodes using :reporter:name and :mitre:attack:* properties. This will cause mitre.attack.translate to create new nodes unless the former is set to mitre and the latter is set to the MITRE id.

  • Always set :reporter on translated nodes.

  • Set :tag=rep.mitre.<mitre_id> instead of copying the deprecated :tag property.

  • Add -(uses)> relationship between the translated ou:campaign and MITRE software and techniques.

  • Tag the translated ou:campaign with the tag property from the translated MITRE groups.

  • Add -(uses)> relationship between the translated risk:threat and MITRE software and techniques.

  • Add -(uses)> relationship between the translated risk:tool:software and MITRE techniques.

  • Add meta:source -(seen)> to all translated nodes.

v1.9.0 - 2024-03-04

Features and Enhancements

• Add support for it:mitre:attack:mitigation to the mitre.attack.translate command.

• Update $lib.bytes usage with $lib.axon APIs.

v1.8.2 - 2024-02-20

Features and Enhancements

• Update deprecated $lib.dict() usage to JSON style syntax.

v1.8.1 - 2024-02-09

Bugfixes

• Updated help for mitre.attack.translate to include info about translating it:mitre:attack:campaign nodes to ou:campaign nodes.

v1.8.0 - 2024-01-05

Features and Enhancements

• Populate it:mitre:attack:group:software property when processing relationships for groups using software.

• Update mitre.attack.* commands with support for it:mitre:attack:campaign.

Bugfixes

• Fixed incorrect form names in the description of the mitre.attack.sync command.

v1.7.0 - 2023-10-11

Features and Enhancements

• Add MITRE ATT&CK technique ID to the ou:technique:name when using mitre.attack.translate.

• Add MITRE ATT&CK matrix into the name property for techniques, tactics, and mitigations.

v1.6.0 - 2023-07-05

Features and Enhancements

• Add MITRE ATT&CK ICS matrix to mitre.attack.sync command.

v1.5.1 - 2023-06-20

Bugfixes

• Properly extract the Tactics associated with a Technique.

v1.5.0 - 2023-04-11

Features and Enhancements

• Add a --yield option to mitre.attack.sync.

• Add mitre.attack.translate command which can translate the following nodes:

  • it:mitre:attack:group to risk:threat

  • it:mitre:attack:software to risk:tool:software

  • it:mitre:attack:technique to ou:technique

• Mark the Synapse-FileParser dependency as optional.

v1.4.0 - 2022-09-28

Features and Enhancements

• Add the default URLS to the mitre.attack.sync help output.

• Add dependency requirements to package definition.

v1.3.0 - 2022-04-20

Features and Enhancements

• Additionally populate the Mobile ATT&CK definitions when using the mitre.attack.sync command.

• Skip populating media:news:org properties with overly specific source_name values.

• MITRE ATT&CK now implements the scrape interface.

v1.2.0 - 2021-12-16

Features and Enhancements

• Populate it:mitre:attack:software:names when using the mitre.attack.sync command.

v1.1.0 - 2021-10-28

Features and Enhancements

• Added mitre.attack.scrapefile command

v1.0.1 - 2021-08-20

Bugfixes

• Updated description in docs and definition

v1.0.0 - 2021-08-13

Features and Enhancements

• Initial release of Synapse-MITRE ATT&CK v1.0.0