Feature request: Adding a platform attribute per technique to enable coloring when using filters.

[nicolaipre]

Technique T1531 (Account Access Removal) is a technique that applies to platforms: ['windows', 'mac', 'linux'].

At my workplace we have multiple platforms available, and we have different detection results on each platform.

For this example, let's imagine I have coverage for T1531 on platforms ['windows', 'linux'] but not for mac. I would like to be able to set a platform attribute (a list of supported platforms) on technique level, that will be respected when using filtering in MITRE navigator.

If I give the technique a score, it will be colored. But if I would like to see my MITRE threat coverage for only the Mac platform, it would still be colored since there is no attribute to check this (?).

See image below for example:

Currently I am using one .json file per platform to get around this.

[isaisabel]

Hi @nicolaipre,

This is a neat feature, kind of like a platform version of our "select technique across tactics" control. I imagine the behavior would be that, if the control were enabled, it would apply annotations depending on the current platform selection (visible platforms). We'd probably need to indicate that more clearly in the UI (e.g within the annotation dropdowns, "annotating the macOS platform" or something to that effect).

Implementation wise, this will require a good deal of refactoring of how we handle TechniqueVMs. Currently TechniqueVMs are created for every instance of a technique, distinct for each tactic the technique occurs within. This change would likely require instantiating TechniqueVMs for each platform and tactic combination, which could get complicated.

Overall, I think this is a great idea but it might take a while for us to get to it given the complexity of the refactor required.