https://github.com/center-for-threat-informed-defense/defending-iaas-with-attack

Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a methodology for creating technique collections.

ctid cybersecurity iaas mitre-attack threat-informed-defense


[![MITRE ATT&CK® v11](https://img.shields.io/badge/MITRE%20ATT%26CK®-v11-red)](https://attack.mitre.org/versions/v11/)
[![build status](https://github.com/center-for-threat-informed-defense/defending-iaas-with-attack/actions/workflows/publish.yml/badge.svg)](https://github.com/center-for-threat-informed-defense/defending-iaas-with-attack/actions/workflows/publish.yml)

# Defending IaaS with ATT&CK

Organizations using Infrastructure-as-a-Service (IaaS) need to identify the
MITRE ATT&CK® techniques that are pertinent to that architecture, whether they
affect container technology, virtual machines, or the cloud management control
plane. The Defending IaaS with ATT&CK project consists of a collection of ATT&CK
techniques that target a notional Linux IaaS architecture, as well as
methodology to build custom collections that can be tailored to any unique
organization and scenario. The Defending IaaS collection can be used as-is, or
the methodology can be employed to develop entirely new collections.

**Table Of Contents:**

- [Getting Started](#getting-started)
- [Getting Involved](#getting-involved)
- [Questions and Feedback](#questions-and-feedback)
- [Notice](#notice)

## Getting Started

The best place to start is with the documentation: this will familiarize you with the
project goals, the methodology, and the collection of techniques. For a deep dive,
upgrade to the latest version of ATT&CK Workbench and use its new features to create
your own collections.

| Resource | Description |
| -------- | ----------- |
| [Documentation](https://center-for-threat-informed-defense.github.io/defending-iaas-with-attack/) | Documentation for Defending IaaS with ATT&CK, including methodology and technical deep dive. |
| [ATT&CK Workbench](https://github.com/center-for-threat-informed-defense/attack-workbench-frontend) | Upgrades to ATT&CK Workbench facilitate creating new collections for projects such as this one. |
| [Defending IaaS Collection](./data/) | The collection of techniques in Excel format as well as a machine-readable format (STIX). |

## Getting Involved

There are several ways that you can get involved with this project and help
advance threat-informed defense:

- **Review the collection using ATT&CK Navigator or ATT&CK Workbench.**
Navigator is the easiest way to get started, using the resource link above. If
you are already a Workbench user, you will find that the latest version
includes new capabilities that are helpful for creating custom collections.
- **Read the methodology.** The Defending IaaS collection is helpful in its own
right, but the methodology is provided so that organizations can create
tailored collections to meet their own needs.
- **Build and share your own collections!** This project provides the
methodology and tools needed to build collections tailored to any need. You
can build proprietary collections to use within your organization, or you can
publish collections to benefit the community.

## Questions and Feedback

Please submit issues for any technical questions/concerns or contact
[email protected] directly for more general inquiries.

Also see the guidance for contributors if you are interested in contributing or
simply reporting issues.

## Notice
Copyright 2022 MITRE Engenuity. Approved for public release. Document number
CT0059.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use
this file except in compliance with the License. You may obtain a copy of the
License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied. See the License for the
specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®

[ATT&CK Terms of Use](https://attack.mitre.org/resources/terms-of-use/)