[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 #151931
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
spong
added
release_note:enhancement
Feature:Detection Rules
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
💛 Build succeeded, but was flaky
Failed CI StepsTest FailuresMetrics [docs]Async chunks
To update your PR or re-run it, just comment with: cc @spong |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Feb 23, 2023
elastic#151931) ## Summary Updates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo update here: elastic/detection-rules#2422. Last update was to `v11.3` in elastic#137122. To update, I modified https://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v12.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ### Checklist - [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md) (cherry picked from commit bbfa43a)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Feb 23, 2023
elastic#151931) ## Summary Updates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo update here: elastic/detection-rules#2422. Last update was to `v11.3` in elastic#137122. To update, I modified https://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22 to point to the `ATT&CK-v12.1` tag. Then ran `yarn extract-mitre-attacks` from the root `security_solution` plugin directory, and then `node scripts/i18n_check.js --fix` from Kibana root to regen the i18n files. ### Checklist - [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md) (cherry picked from commit bbfa43a)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Feb 23, 2023
…o v12.1 (#151931) (#152006) # Backport This will backport the following commits from `main` to `8.6`: - [[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)](#151931) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Garrett Spong","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-02-23T15:26:00Z","message":"[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)\n\n## Summary\r\n\r\nUpdates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo\r\nupdate here: elastic/detection-rules#2422. Last\r\nupdate was to `v11.3` in https://github.com/elastic/kibana/pull/137122.\r\n\r\nTo update, I modified \r\n\r\n\r\nhttps://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22\r\nto point to the `ATT&CK-v12.1` tag.\r\n\r\nThen ran `yarn extract-mitre-attacks` from the root `security_solution`\r\nplugin directory, and then `node scripts/i18n_check.js --fix` from\r\nKibana root to regen the i18n files.\r\n\r\n### Checklist\r\n\r\n- [X] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)","sha":"bbfa43ae58f9d2d94a124b932a26cdd6e8167aba","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","Feature:Detection Rules","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rules","v8.6.0","v8.7.0","v8.8.0"],"number":151931,"url":"https://github.com/elastic/kibana/pull/151931","mergeCommit":{"message":"[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)\n\n## Summary\r\n\r\nUpdates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo\r\nupdate here: elastic/detection-rules#2422. Last\r\nupdate was to `v11.3` in https://github.com/elastic/kibana/pull/137122.\r\n\r\nTo update, I modified \r\n\r\n\r\nhttps://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22\r\nto point to the `ATT&CK-v12.1` tag.\r\n\r\nThen ran `yarn extract-mitre-attacks` from the root `security_solution`\r\nplugin directory, and then `node scripts/i18n_check.js --fix` from\r\nKibana root to regen the i18n files.\r\n\r\n### Checklist\r\n\r\n- [X] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)","sha":"bbfa43ae58f9d2d94a124b932a26cdd6e8167aba"}},"sourceBranch":"main","suggestedTargetBranches":["8.6","8.7"],"targetPullRequestStates":[{"branch":"8.6","label":"v8.6.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/151931","number":151931,"mergeCommit":{"message":"[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)\n\n## Summary\r\n\r\nUpdates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo\r\nupdate here: elastic/detection-rules#2422. Last\r\nupdate was to `v11.3` in https://github.com/elastic/kibana/pull/137122.\r\n\r\nTo update, I modified \r\n\r\n\r\nhttps://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22\r\nto point to the `ATT&CK-v12.1` tag.\r\n\r\nThen ran `yarn extract-mitre-attacks` from the root `security_solution`\r\nplugin directory, and then `node scripts/i18n_check.js --fix` from\r\nKibana root to regen the i18n files.\r\n\r\n### Checklist\r\n\r\n- [X] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)","sha":"bbfa43ae58f9d2d94a124b932a26cdd6e8167aba"}}]}] BACKPORT--> Co-authored-by: Garrett Spong <[email protected]>
kibanamachine
added a commit
that referenced
this pull request
Feb 23, 2023
…o v12.1 (#151931) (#152007) # Backport This will backport the following commits from `main` to `8.7`: - [[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)](#151931) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Garrett Spong","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-02-23T15:26:00Z","message":"[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)\n\n## Summary\r\n\r\nUpdates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo\r\nupdate here: elastic/detection-rules#2422. Last\r\nupdate was to `v11.3` in https://github.com/elastic/kibana/pull/137122.\r\n\r\nTo update, I modified \r\n\r\n\r\nhttps://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22\r\nto point to the `ATT&CK-v12.1` tag.\r\n\r\nThen ran `yarn extract-mitre-attacks` from the root `security_solution`\r\nplugin directory, and then `node scripts/i18n_check.js --fix` from\r\nKibana root to regen the i18n files.\r\n\r\n### Checklist\r\n\r\n- [X] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)","sha":"bbfa43ae58f9d2d94a124b932a26cdd6e8167aba","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","Feature:Detection Rules","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rules","v8.6.0","v8.7.0","v8.8.0"],"number":151931,"url":"https://github.com/elastic/kibana/pull/151931","mergeCommit":{"message":"[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)\n\n## Summary\r\n\r\nUpdates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo\r\nupdate here: elastic/detection-rules#2422. Last\r\nupdate was to `v11.3` in https://github.com/elastic/kibana/pull/137122.\r\n\r\nTo update, I modified \r\n\r\n\r\nhttps://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22\r\nto point to the `ATT&CK-v12.1` tag.\r\n\r\nThen ran `yarn extract-mitre-attacks` from the root `security_solution`\r\nplugin directory, and then `node scripts/i18n_check.js --fix` from\r\nKibana root to regen the i18n files.\r\n\r\n### Checklist\r\n\r\n- [X] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)","sha":"bbfa43ae58f9d2d94a124b932a26cdd6e8167aba"}},"sourceBranch":"main","suggestedTargetBranches":["8.6","8.7"],"targetPullRequestStates":[{"branch":"8.6","label":"v8.6.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/151931","number":151931,"mergeCommit":{"message":"[Security Solution][Detections] Updates MITRE ATT&CK mappings to v12.1 (#151931)\n\n## Summary\r\n\r\nUpdates MITRE ATT&CK mappings to `v12.1`, see `detection-rules` repo\r\nupdate here: elastic/detection-rules#2422. Last\r\nupdate was to `v11.3` in https://github.com/elastic/kibana/pull/137122.\r\n\r\nTo update, I modified \r\n\r\n\r\nhttps://github.com/elastic/kibana/blob/1a19148c1818b9af3b7735a0b6001bbb6bd8d7ba/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22\r\nto point to the `ATT&CK-v12.1` tag.\r\n\r\nThen ran `yarn extract-mitre-attacks` from the root `security_solution`\r\nplugin directory, and then `node scripts/i18n_check.js --fix` from\r\nKibana root to regen the i18n files.\r\n\r\n### Checklist\r\n\r\n- [X] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)","sha":"bbfa43ae58f9d2d94a124b932a26cdd6e8167aba"}}]}] BACKPORT--> Co-authored-by: Garrett Spong <[email protected]>
6 tasks
5 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Updates MITRE ATT&CK mappings to
v12.1, seedetection-rulesrepo update here: elastic/detection-rules#2422. Last update was tov11.3in #137122.To update, I modified
kibana/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js
Line 22 in 1a19148
to point to the
ATT&CK-v12.1tag.Then ran
yarn extract-mitre-attacksfrom the rootsecurity_solutionplugin directory, and thennode scripts/i18n_check.js --fixfrom Kibana root to regen the i18n files.Checklist