Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mitre/cti
Cyber Threat Intelligence Repository expressed in STIX 2.0
Last synced: 10 days ago
- Host: GitHub
- URL: https://github.com/mitre/cti
- Owner: mitre
- License: other
- Created: 2017-06-05T16:18:24.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-11-12T14:08:25.000Z (about 1 month ago)
- Last Synced: 2024-11-12T15:20:09.056Z (about 1 month ago)
- Topics: attack, cti, cyber-threat-intelligence, stix
- Homepage:
- Size: 249 MB
- Stars: 1,743
- Watchers: 160
- Forks: 418
- Open Issues: 18
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.txt
Awesome Lists containing this project
- awesome-mitre-attack - cti - Cyber Threat Intelligence Repository expressed in STIX 2.0 (Threat Intelligence / Tools)
- awesome-hacking-lists - mitre/cti - Cyber Threat Intelligence Repository expressed in STIX 2.0 (Others)
README
# CTI
This repository contains the MITRE ATT&CK® and CAPEC™ datasets expressed in STIX 2.0. See [USAGE](USAGE.md) or [USAGE-CAPEC](USAGE-CAPEC.md) for information on using this content with [python-stix2](https://github.com/oasis-open/cti-python-stix2).
If you are looking for ATT&CK represented in STIX 2.1, please see the [attack-stix-data](https://github.com/mitre-attack/attack-stix-data) GitHub repository. Both MITRE/CTI (this repository) and attack-stix-data will be maintained and updated with new ATT&CK releases for the foreseeable future, but the data model of attack-stix-data includes quality-of-life improvements not found on MITRE/CTI. Please see the [attack-stix-data USAGE document](https://github.com/mitre-attack/attack-stix-data) for more information on the improved data model of that repository.
## ATT&CK
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
## CAPEC
Understanding how the adversary operates is essential to effective cyber security. CAPEC™ helps by providing a comprehensive dictionary of known patterns of attacks employed by adversaries to exploit known weaknesses in cyber-enabled capabilities. It can be used by analysts, developers, testers, and educators to advance community understanding and enhance defenses.
- Focuses on application security
- Enumerates exploits against vulnerable systems
- Includes social engineering / supply chain
- Associated with Common Weakness Enumeration (CWE)

## STIX
Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI).
STIX enables organizations to share CTI with one another in a consistent and machine readable manner, allowing security communities to better understand what computer-based attacks they are most likely to see and to anticipate and/or respond to those attacks faster and more effectively.
STIX is designed to improve many different capabilities, such as collaborative threat analysis, automated threat exchange, automated detection and response, and more.