Skip to content

buzzer-re/DeepSecurity-2-ATTCK

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Deep Security to ATT&CK

What this do ?

This tool create an MITRE ATT&CK matrix using all rules that are installed in your Deep Security that has a ATT&CK flag.

Which modules are available ?

Right now it only pull Integrity Monitoring and Intrusion Prevention rules (that are the only one that has ATT&CK)

Screenshoot (DSaaS):

Deep Security SaSS

Installation

  • Download and install the last Python SDK
  • Generate an Api key with at least view permission at Intrusion prevention, Integrity monitoring and Computers, tutorial.
  • Fill ds.conf with your api route and key

Usage

Just:

  python dsattck.py

If you filled the config file correctly, everything should work! This will generate 2 json files, enviroment and applied rules, an matrix with ALL rules and a matrix with the applied rules only, you can submit this files at ATT&CK Navigator

Please contact about any bug that you may found, the API/SDK change a LOT!

About

Pull your DS rules and build a ATT&CK matrix

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages