https://github.com/center-for-threat-informed-defense/attack-sync
ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.
https://github.com/center-for-threat-informed-defense/attack-sync
ctid cybersecurity mitre-attack threat-informed-defense
Last synced: about 2 months ago
JSON representation
ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® version updates into their internal systems and processes.
- Host: GitHub
- URL: https://github.com/center-for-threat-informed-defense/attack-sync
- Owner: center-for-threat-informed-defense
- License: apache-2.0
- Created: 2022-11-03T19:12:07.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-04-01T04:08:21.000Z (2 months ago)
- Last Synced: 2025-04-01T05:22:23.005Z (2 months ago)
- Topics: ctid, cybersecurity, mitre-attack, threat-informed-defense
- Language: Python
- Homepage: https://ctid.io/attack-sync
- Size: 20.3 MB
- Stars: 19
- Watchers: 66
- Forks: 6
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://attack.mitre.org/versions/v16/)
[](https://github.com/center-for-threat-informed-defense/attack-sync/actions/workflows/build.yml)
# ATT&CK Sync
ATT&CK Sync is a Center for Threat-Informed Defense project that aims to ease the
process of staying in sync with MITRE ATT&CK® version updates. We recognize widespread
difficulties keeping internal systems and date in sync with with ATT&CK, so this project
includes tools, data, and methodology to reduce the cost and effort associated with
tracking ATT&CK releases. The Center is deploying this technology to improve our own
projects, and we believe it will be highly valuable to many other organizations as well.
**Table Of Contents:**
- [Getting Started](#getting-started)
- [Getting Involved](#getting-involved)
- [Questions and Feedback](#questions-and-feedback)
- [How Do I Contribute?](#how-do-i-contribute)
- [Notice](#notice)
## Getting Started
The best way to get started is to visit the ATT&CK Sync website, where you can quickly
access detailed changelogs that show cumulative differences between any two versions of
ATT&CK from v8.0 to v16.1. The sample JSON changelog shows how the differences can be
consumed in machine-readable format, and the sample Excel mappings show how the
machine-readable data can be merged with your internal systems & data to provide
contextual ATT&CK changes. Finally, the project wiki provides thorough documentation for
the project as well as a case study.
| Resource | Description |
| ---------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------ |
| [ATT&CK Sync Website](https://center-for-threat-informed-defense.github.io/attack-sync/) | An interactive website for detailed comparisons between ATT&CK versions. |
| [Project Wiki](https://github.com/center-for-threat-informed-defense/attack-sync/wiki) | The wiki contains project documentation: goals, tools, and methodology. |
| [Case Study](https://github.com/center-for-threat-informed-defense/attack-sync/wiki/Case-Study:-NIST-800-53-Mappings) | Case study measuring efficiency gained from using ATT&CK Sync. |
| [Sample JSON Changelog](https://github.com/center-for-threat-informed-defense/attack-sync/raw/main/samples/attack-changelog-v10.1-v12.1.json) | A sample machine-readable ATT&CK changelog. |
| [Sample Excel Mappings](https://github.com/center-for-threat-informed-defense/attack-sync/raw/main/samples/nist800-53-r5-mappings-output.xlsx) | A sample mappings spreadsheet annotated with ATT&CK changes. |
## Getting Involved
There are several ways that you can get involved with this project and help
advance threat-informed defense:
- **Visit the ATT&CK Sync website.** Access changelogs that detail the cumulative
changes between any ATT&CK versions. This is especially helpful if your organization
is contemplating an upgrade of internal systems to a more recent version of ATT&CK.
- **Review the sample documents.** These documents will give you a better idea of how
ATT&CK Sync can your organization major time and effort while staying in sync with
ATT&CK.
- **Tell us what you think.** As the project grows, we want to cover a broader set of
use cases. Let us know if you like this idea and how we can make it even better in
future releases.
## Questions and Feedback
Please submit
[issues](https://github.com/center-for-threat-informed-defense/attack-sync/issues) for
any technical questions/concerns or contact [email protected] directly for
general inquiries.
## How Do I Contribute?
We welcome your feedback and contributions to help advance Attack Sync. Please see the
guidance for contributors if are you interested in [contributing or simply reporting
issues.](/CONTRIBUTING.md)
## Notice
Copyright 2023 MITRE Engenuity. Approved for public release. Document number CT0070.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this
file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under
the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the specific language governing
permissions and limitations under the License.
This project makes use of MITRE ATT&CK®
[ATT&CK Terms of Use](https://attack.mitre.org/resources/terms-of-use/)