[MITRE] Common Attack Pattern Enumeration and Classification (CAPEC™) 3.2 connector

[2xyo]

Problem to Solve

I would like to map techniques employed by adversaries to exploit known weaknesses in cyber-enabled capabilities. (e.g., SQL Injection, XSS, Session Fixation, Clickjacking)

The Common Attack Pattern Enumeration and Classification (CAPEC™) is the de facto standard to meet this need.

Proposed Solution

• Add https://raw.githubusercontent.com/mitre/cti/master/capec/stix-capec.json to the MITRE connector
• Update the Grakn schema to handle new attributes
• Update the UI

Additional Information

• https://capec.mitre.org/about/index.html
• https://capec.mitre.org/about/attack_comparison.html
• https://capec.mitre.org/about/use_cases.html
  • Application Testing
    • [UC-1] Security Test Case Identification and Construction: CAPEC assists testers to construct systematic and real-world attack scenarios.
    • [UC-2] Red Teaming Template Creation: Attack Patterns provide an excellent resource for defining penetration testing templates for red teams.
  • Analysis
    • [UC-3] Incident Response and Threat Analysis | Knowledge of the attack patterns enables responders to better align mitigation strategies.
    • [UC-4] Compliance Analysis | Support measuring compliance with industry standards and guidelines.
    • [UC-5] Malware Behavior Analysis | Relate the behavior of malicious code to attack patterns.
    • [UC-6] Threat Characterization and Attribution | Provide assistance in characterizing and eventually supporting attribution of threats from observed attack instances.
    • ...
  • Threat Modeling
    • [UC-12] Threat Modeling: Mapping relevant threats and likely actions against the specific attack surface of the software to place threat information in an objective and actionable context.
  • ...

[2xyo]

Thanks @SamuelHassine :)