Comments (7)
jburns12
commented on July 29, 2024
@rpiazza do you have thoughts or feedback on this?
from cti.
rpiazza
commented on July 29, 2024
Hi @HamptonJ,
Currently in STIX 2.1, there is no Weakness object, so it's not clear how we could explicitly represent a CWE in STIX.
However, if you want to reference a CWE from any STIX Object you can always use the external_references property.
from cti.
isaisabel
commented on July 29, 2024
Closing due to lack of activity.
from cti.
garanews
commented on July 29, 2024
@rpiazza what do you think to have CWE under vulnerability object?
from cti.
rpiazza
commented on July 29, 2024
We try to emphasize the difference between a weakness (CWE) and a vulnerability (CVE). Here are some definitions that explain those differences:
Weakness: A condition in a software, firmware, hardware, or service component that, under the right circumstances, could contribute to the introduction of vulnerabilities
Vulnerability: A flaw in a software, firmware, hardware, or service component resulting from a weakness that can be exploited, causing a negative impact to the confidentiality, integrity, or availability of an impacted component or components.
Because of this, I think it would be confusing to use the STIX Vulnerability object for a CWE. MITRE is working with the CWE/CAPEC community to provide an API to those corpuses. The responses to the API calls will be a JSON representation of CWE and CAPECs, but not STIX at this time.
from cti.
garanews
commented on July 29, 2024
I understand perfectly, thanks.
Do you have a draft of a possible weakness stix object or at least how it should look like?
In that case I will implement it at my side as custom "temporary" object, like x-weakness with following properties:
cwe_id
name
weakness_abstraction
status
description
extended_description
related_weaknesses
weakness_ordinalities
applicable_platforms
background_details
alternate_terms
modes_of_introduction
exploitation_factors
likelihood_of_exploit
common_consequences
detection_methods
potential_mitigations
observed_examples
functional_areas
affected_resources
taxonomy_mappings
related_attack_patterns
notes
And then create relationships from cwe to cve , like targets?
Any suggestion will be much appreciated.
from cti.
rpiazza
commented on July 29, 2024
Hi @garanews
Here is the current JSON schema we have for CAPEC attack patterns
AttackPattern Schema.json.txt
I hope this helps!
from cti.
Related Issues (20)
- Mitre Taxii Service Throwing 502 Errors
- Some revoked attack pattern miss the revoked-by relation in mobile domain HOT 2
- x_mitre_domains field for x-mitre-matrices populated only for ics
- Microsoft Defender Detection HOT 4
- [T1059.009] Cloud API - Typo in source name HOT 2
- v13.0 bundle ids match in both mitre/cti and mitre-attack/attack-stix-data, but content is different
- x_mitre_data_sources missing for Mobile ATT&CK attack-patterns HOT 2
- ICS platform information
- Some relationship missing when v12, v13 release HOT 2
- Alias of APT37 has a typo HOT 1
- The CAPEC dataset is not updated with the one available on capec.mitre.org
- Missing Some Records in 'Data Sources' HOT 1
- Request for ATT&CK version to be added to objects
- ATT&CK attack-patterns no longer have external_references to CAPEC HOT 1
- Bug: All MITRE ATT&CK ICS Techniques have "x_mitre_platforms": [ "None" ] HOT 2
- Certificate Expired
- cti-taxii.mitre.org timing out since Saturday, March 2, 2024 HOT 1
- https://cti-taxii.mitre.org seems to be down HOT 4
- Bad URL for "Dell PSP ZeuS" in "T1001.101 Junk Data" in the 11.0, 12.0, 13.0, and 14.1 MITRE ATT&CK Frameworks HOT 1
- Taxii Server seems to be timing out HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cti.