Integration with Mitre ATT&CK Loaded through OASIS Stix2
brettforbes opened this issue · comments
Hi
I have recently built a Vaticle TypeDB DataStore for the OASIS Stix2 (https://github.com/oasis-open/cti-python-stix2), using a bi-directional Stix <-> TypeDB ORM. So, using Python one can simply add and retrieve Stix objects to/from TypeDB.
I aim to extend it to load the MITRE ATT&CK data, as shown by their documentation (https://github.com/mitre-attack/attack-stix-data/blob/master/USAGE.md).
Question, is there a way to integrate your library with this infrastructure? Can you advise please? thanks
@brettforbes Hell Brett, not sure I'm 100% understanding your question but I am working on a data model for MITRE ATT&CK framework(s) which can be found here: https://github.com/swimlane/pyattck-data
Does this help?
@MSAdministrator I think what he meant is that the pyattack-data library should provide also an interface to serialize/deserialize the pydantic objects into STIX2.1.
However I think the easiest solution will just be to consume the Generated Data Access which seems to be STIX2.1 compliant?
@priamai okay, that makes sense.
You can utilize attrs
to convert from objects to dict.
For example,
import requests
from attrs import asdict
from pyattck_data import MitreAttck
resp = requests.get('https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json').json()
data = MitreAttck(**resp)
# data is now a attrs object
# to convert it just use the asdict
print(asdict(data))
@brettforbes Does this solve the issue you were thinking?
fortunately i have @priamai working with me, so he can explain it to me, sorry i am a bit slow on the uptake
Ahh no worries! Attrs is weird to get use to but powerful! I believe what I provided should output a stix compliant dictionary which would then be written out to Json
Hi there,
from pyattck_data import MitreAttck
I am getting this error:
ImportError: cannot import name 'MitreAttck' from 'pyattck_data'
Is there a pip package to install it?