Comments (2)
Your understanding sounds correct.
CVE is a knowledge-base that aggregates known vulnerabilities. It serves as a historical reference and as a source of truth for vulnerabilities.
ATT&CK is a vendor-agnostic framework that can characterize vulnerabilities to help defenders analyze or break down the methodologies behind the vulnerability.
STIX is a common format by which cyber threat intelligence (CTI) information can be exchanged. ATT&CK is represented in STIX.
This article discusses how CVE and ATT&CK can be used in parallel to assess vulnerability impacts.
ATT&CK and CVE are also managed by completely separate organizations within MITRE, with no overlap in staff. ATT&CK describes behaviors that real-world adversaries have performed in the wild, which often don't involve vulnerabilities (most of ATT&CK is adversaries leveraging intentional features). MITRE has quite a few different frameworks beyond ATT&CK and CVE; if you wanted to look at a more closely aligned set, you could check out CVE, CWE, and CAPEC.
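An added illustration (not code from either commenter or from the attack-stix-data project) of the point that ATT&CK is represented in STIX while CVE is a separate identifier space: it walks a STIX bundle, reads each technique's ATT&CK ID from its `mitre-attack` external reference, and lists any CVE IDs the object's text cites. The bundle, the technique IDs T9001/T9002 and CVE-0000-00001 are constructed placeholders.

```python
import re

CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,}\b")

# Constructed sample bundle (placeholder IDs, not real ATT&CK or CVE entries).
BUNDLE = {
    "type": "bundle",
    "id": "bundle--00000000-0000-4000-8000-000000000001",
    "objects": [
        {"type": "attack-pattern",
         "id": "attack-pattern--00000000-0000-4000-8000-000000000002",
         "name": "Example Technique A (constructed)",
         "description": "Adversaries may abuse a built-in scripting feature.",
         "external_references": [
             {"source_name": "mitre-attack", "external_id": "T9001"}]},
        {"type": "attack-pattern",
         "id": "attack-pattern--00000000-0000-4000-8000-000000000003",
         "name": "Example Technique B (constructed)",
         "description": "Adversaries may exploit a flaw such as CVE-0000-00001.",
         "external_references": [
             {"source_name": "mitre-attack", "external_id": "T9002"},
             {"source_name": "Example report (constructed)",
              "description": "Write-up covering CVE-0000-00001."}]},
    ],
}

def attack_id(obj):
    """Return the ATT&CK ID carried in the object's mitre-attack reference."""
    for ref in obj.get("external_references", []):
        if ref.get("source_name") == "mitre-attack":
            return ref.get("external_id")
    return None

def cve_mentions(obj):
    """Collect CVE IDs cited in the description or in any external reference."""
    texts = [obj.get("description", "")]
    for ref in obj.get("external_references", []):
        texts += [ref.get("description", ""), ref.get("external_id", "")]
    return sorted({m for t in texts for m in CVE_RE.findall(t or "")})

def map_attack_to_cves(bundle):
    """Map ATT&CK technique ID -> CVE IDs cited; an empty list means none."""
    result = {}
    for obj in bundle.get("objects", []):
        if obj.get("type") == "attack-pattern" and attack_id(obj):
            result[attack_id(obj)] = cve_mentions(obj)
    return result
```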