Changelog

Synapse-MITRE ATT&CK Changelog

v2.0.0 - 2024-04-01

Features and Enhancements

  • Populate it:mitre:attack:*:references, but no longer create referenced media:news nodes.

  • Set it:mitre:attack:software:name to the MITRE id, and add the MITRE name to :names.

  • Set it:mitre:attack:campaign:name to the MITRE id, and add the MITRE name to :names.

  • Updates to the mitre.attack.translate command.

    • Deconflict all translated nodes using :reporter:name and :mitre:attack:* properties. This will cause mitre.attack.translate to create new nodes unless the former is set to mitre and the latter is set to the MITRE id.

    • Always set :reporter on translated nodes.

    • Set :tag=rep.mitre.<mitre_id> instead of copying the deprecated :tag property.

    • Add -(uses)> relationship between the translated ou:campaign and MITRE software and techniques.

    • Tag the translated ou:campaign with the tag property from the translated MITRE groups.

    • Add -(uses)> relationship between the translated risk:threat and MITRE software and techniques.

    • Add -(uses)> relationship between the translated risk:tool:software and MITRE techniques.

    • Add meta:source -(seen)> to all translated nodes.

v1.9.0 - 2024-03-04

Features and Enhancements

  • Add support for it:mitre:attack:mitigation to the mitre.attack.translate command.

  • Update $lib.bytes usage with $lib.axon APIs.

v1.8.2 - 2024-02-20

Features and Enhancements

  • Update deprecated $lib.dict() usage to JSON style syntax.

v1.8.1 - 2024-02-09

Bugfixes

  • Updated help for mitre.attack.translate to include info about translating it:mitre:attack:campaign nodes to ou:campaign nodes.

v1.8.0 - 2024-01-05

Features and Enhancements

  • Populate it:mitre:attack:group:software property when processing relationships for groups using software.

  • Update mitre.attack.* commands with support for it:mitre:attack:campaign.

Bugfixes

  • Fixed incorrect form names in the description of the mitre.attack.sync command.

v1.7.0 - 2023-10-11

Features and Enhancements

  • Add MITRE ATT&CK technique ID to the ou:technique:name when using mitre.attack.translate.

  • Add MITRE ATT&CK matrix into the name property for techniques, tactics, and mitigations.

v1.6.0 - 2023-07-05

Features and Enhancements

  • Add MITRE ATT&CK ICS matrix to mitre.attack.sync command.

v1.5.1 - 2023-06-20

Bugfixes

  • Properly extract the Tactics associated with a Technique.

v1.5.0 - 2023-04-11

Features and Enhancements

  • Add a --yield option to mitre.attack.sync.

  • Add mitre.attack.translate command which can translate the following nodes:

    • it:mitre:attack:group to risk:threat

    • it:mitre:attack:software to risk:tool:software

    • it:mitre:attack:technique to ou:technique

  • Mark the Synapse-FileParser dependency as optional.

v1.4.0 - 2022-09-28

Features and Enhancements

  • Add the default URLs to the mitre.attack.sync help output.

  • Add dependency requirements to package definition.

v1.3.0 - 2022-04-20

Features and Enhancements

  • Additionally populate the Mobile ATT&CK definitions when using the mitre.attack.sync command.

  • Skip populating media:news:org properties with overly specific source_name values.

  • MITRE ATT&CK now implements the scrape interface.

v1.2.0 - 2021-12-16

Features and Enhancements

  • Populate it:mitre:attack:software:names when using the mitre.attack.sync command.

v1.1.0 - 2021-10-28

Features and Enhancements

  • Added mitre.attack.scrapefile command.

v1.0.1 - 2021-08-20

Bugfixes

  • Updated description in docs and definition.

v1.0.0 - 2021-08-13

Features and Enhancements

  • Initial release of Synapse-MITRE ATT&CK v1.0.0.