Hello,
The project is really interesting !
To be honest, I could already see myself confronting my entire CTI database with this project, in order to convert my data from lists to graphs.
Knowing that this quote is positioned as a preamble to the Project Overview, I thought it would be possible to import my TTP lists automatically, and then finish the graphs manually (in an 80/20 approach).
However, I have not found how to import a STIX bundle directly into the Builder engine.
I'm obviously thinking of a classic STIX bundle, i.e. not containing the custom ATT&CK objects, like the APT1 bundle: https://github.com/oasis-open/cti-documentation/blob/main/examples/example_json/apt1.json
Am I doing something wrong or is it not possible to import such bundles at this time?
My database contains 300+ STIX bundles, with the TTPs defined in lists. Importing each bundle manually will take me forever, knowing that it takes between 20 and 40 TTPs each time.
Hello,
The project is really interesting !
To be honest, I could already see myself confronting my entire CTI database with this project, in order to convert my data from lists to graphs.
Knowing that this quote is positioned as a preamble to the Project Overview, I thought it would be possible to import my TTP lists automatically, and then finish the graphs manually (in an 80/20 approach).
However, I have not found how to import a STIX bundle directly into the Builder engine.
I'm obviously thinking of a classic STIX bundle, i.e. not containing the custom ATT&CK objects, like the APT1 bundle: https://github.com/oasis-open/cti-documentation/blob/main/examples/example_json/apt1.json
Am I doing something wrong or is it not possible to import such bundles at this time?
My database contains 300+ STIX bundles, with the TTPs defined in lists. Importing each bundle manually will take me forever, knowing that it takes between 20 and 40 TTPs each time.