[Request] Update kibana MITRE version to v15.1 #5222

Closed
dplumlee opened this issue May 15, 2024 · 0 comments · Fixed by #5294
Labels
Docset: ESS Issues that apply to docs in the Stack release Docset: Serverless Issues for Serverless Security Feature: Rules Team: Detections/Response Detections and Response v8.15.0

dplumlee commented May 15, 2024

Description

We're updating the kibana MITRE version from v14.1 to v15.1 that is used in both rule creation and the MITRE coverage overview dashboard (and referenced here).

Background & resources

Additional requirements & info

  • Which documentation set does this change impact? ESS and serverless
  • ESS release: 8.15
  • Serverless release: June 4?
  • Feature differences: The feature is identical in ESS and serverless
  • API docs impact: None
  • Prerequisites, privileges, feature flags: N/A
@joepeeples joepeeples self-assigned this May 15, 2024
@joepeeples joepeeples added Docset: Serverless Issues for Serverless Security Docset: ESS Issues that apply to docs in the Stack release labels May 15, 2024
dplumlee added a commit to elastic/kibana that referenced this issue May 30, 2024
## Summary

Addresses: #166152 for `8.15.0`

[Flaky test runner result
(internal)](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5996)

Updates MITRE ATT&CK mappings to `v15.1`. Last update was to `v14.1` in
#174120.

To update, I modified

https://github.com/elastic/kibana/blob/44e38acd71a7a64fb0df08f01ff9abfada1fec1c/x-pack/plugins/security_solution/scripts/extract_tactics_techniques_mitre.js#L22

to point to the `ATT&CK-v15.1` tag.

Then ran `yarn extract-mitre-attacks` from the root `security_solution`
plugin directory, and then `node scripts/i18n_check.js --fix` from
Kibana root to regen the i18n files.

## Acceptance Criteria

- [x] User can map and use new MITRE techniques in Security Solution
- [ ] The user-facing documentation is updated with the new version
(elastic/security-docs#5222)
- [ ] [MITRE ATT&CK®
coverage](https://www.elastic.co/guide/en/security/master/rules-coverage.html)
page

## Test Criteria

- [x] Verify that new techniques (see the changelog link above) are
available for mapping on the Rule Creation page under "Advanced
settings"
- [x] Verify that new techniques are available on the MITRE ATT&CK
coverage page


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: Kibana Machine <[email protected]>
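
One way to support the "new techniques are available" test criteria above is to diff the technique IDs of the old and new ATT&CK data before checking the UI. The following is an added example, not part of the commit or of Kibana's code; it assumes the two versions are available as STIX JSON bundles in MITRE's published format, and the function names and sample bundles (with made-up `T9xxx` IDs) are constructed for illustration.

```javascript
// Added example: compare active technique IDs between two ATT&CK STIX bundles.
// Field names follow MITRE's published STIX data; the bundles are constructed samples.
function extractTechniques(bundle) {
  const out = new Map();
  for (const obj of bundle.objects || []) {
    if (obj.type !== 'attack-pattern') continue;
    // Revoked or deprecated entries should no longer be offered for rule mapping.
    if (obj.revoked || obj.x_mitre_deprecated) continue;
    const ref = (obj.external_references || []).find((r) => r.source_name === 'mitre-attack' && r.external_id);
    if (!ref) continue;
    const tactics = (obj.kill_chain_phases || [])
      .filter((p) => p.kill_chain_name === 'mitre-attack')
      .map((p) => p.phase_name)
      .sort();
    out.set(ref.external_id, { name: obj.name, tactics });
  }
  return out;
}

// Report IDs that appear, disappear, or change name/tactics between versions.
function diffTechniques(oldBundle, newBundle) {
  const before = extractTechniques(oldBundle);
  const after = extractTechniques(newBundle);
  const added = [...after.keys()].filter((id) => !before.has(id)).sort();
  const removed = [...before.keys()].filter((id) => !after.has(id)).sort();
  const changed = [...after.keys()].filter((id) => {
    const a = before.get(id), b = after.get(id);
    return a && (a.name !== b.name || a.tactics.join() !== b.tactics.join());
  }).sort();
  return { added, removed, changed };
}

// Constructed sample data with made-up IDs (T9xxx), not real ATT&CK content.
const tech = (id, name, tactics, extra = {}) => ({
  type: 'attack-pattern', name,
  external_references: [{ source_name: 'mitre-attack', external_id: id }],
  kill_chain_phases: tactics.map((t) => ({ kill_chain_name: 'mitre-attack', phase_name: t })),
  ...extra,
});
const OLD_BUNDLE = { type: 'bundle', objects: [
  tech('T9001', 'Sample A', ['execution']),
  tech('T9002', 'Sample B', ['persistence']),
] };
const NEW_BUNDLE = { type: 'bundle', objects: [
  tech('T9001', 'Sample A', ['execution', 'persistence']),
  tech('T9002', 'Sample B', ['persistence'], { revoked: true }),
  tech('T9001.001', 'Sample A sub', ['execution'], { x_mitre_is_subtechnique: true }),
] };
console.log(diffTechniques(OLD_BUNDLE, NEW_BUNDLE));
```

The `removed` list matters as much as `added`: existing detection rules that still map to a revoked or deprecated ID are the ones to review after the version bump.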