attack2jira
The MITRE ATT&CK Framework is a great tool security teams can leverage to, among many other things, measure the security posture of an organization against tactics and techniques used in the wild by real threat actors.
At the time of writing, ATT&CK covers 266 Techniques across 12 Tactics. If done manually, tracking this posture's state over time can become a tedious and challenging task. Blue/Purple teams require the proper tools that allow them to efficiently tackle this challenge and focus on whats important.
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage. No more spreadsheets !
Visit the Wiki to view the Demos. attack2jira was first presented at ATT&CKCon 2.0. For more context, read this blog post.
To allow the community to experiment with this approach, I created a Jira instance hosting the ATTACK project with attack2jira: https://attack.atlassian.net/jira/software/c/projects/ATTACK/issues/
attack2jira was designed to be used with Jira Cloud. Specifically, Jira Software.
Tested on Kali Linux 2018.4 and Windows 10 1830 under Python 3.6 and Python 3.7.
Quick Start Guide
Installation
$ git clone https://github.com/mvelazc0/attack2jira.git
$ pip3 install -r attack2jira/requirements.txt
Jira Software
- You will need a Jira Software Cloud environment.
- You can set up a free trial environment for up to 10 users here.
- Admin access is required
Usage
Print the help menu
$ python3 attack2jira.py -h
Create the Jira ATTACK project and issues
$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a initialize
Create the Jira ATTACK project with custom project and key
$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a initialize -p 'ATTACK Coverage' -k ATT
Export an ATTACK Navigator JSON layer
$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a export
$ python3 attack2jira.py -url https://yourjiracloud.atlassian.net -u [email protected] -a export -hide
Demo
Acknoledgments
Authors
- Mauricio Velazco - @mvelazco
- Olindo Verrillo - @olindoverrillo
License
This project is licensed under the BSD 3-Clause License - see the LICENSE file for details