Update web site with Mappings Explorer links (#17)

* Update web site with Mappings Explorer links Redirect links to the 800-53 mappings to use MapEx instead. * Fix typo in previous commit VS Code autoformat changed bullet 2 to 1. Reverted here.
center-for-threat-informed-defense · Apr 3, 2024 · 9ef8339 · 9ef8339
1 parent cdac3f5
commit 9ef8339
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 22 deletions.
diff --git a/docs/key-results.rst b/docs/key-results.rst
@@ -119,25 +119,32 @@ the range and scope of our most observed data.
 Top 10 NIST 800-53 Controls
 ---------------------------
 
-.. TODO link this to the new mappings explorer website when its ready. we can link each
-.. control below directly to a page.
-
 Using the Center’s mappings of the National Institute of Standards and Technology (NIST)
 Special Publication (SP) 800-53 revision 5 to ATT&CK, we can identify which NIST
 controls are the most effective in protecting against our top 15 techniques. Overall,
 Access Control, System and Information Integrity, and Configuration Management controls
 are the most frequently seen.
 
-1. SI-3 Malicious Code Protection
-2. SI-4 System Monitoring
-3. CM-6 Configuration Settings
-4. CM-2 Baseline Configuration
-5. AC-3 Access Enforcement
-6. AC-6 Least Privilege
-7. CM-7 Least Functionality
-8. SI-7 Software, Firmware, and Information Integrity
-9. CA-7 Continuous Monitoring
-10. AC-2 Account Management
+1. `SI-03 Malicious Code Protection
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/SI-03/>`_
+2. `SI-04 System Monitoring
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/SI-04/>`_
+3. `CM-06 Configuration Settings
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/CM-06/>`_
+4. `CM-02 Baseline Configuration
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/CM-02/>`_
+5. `AC-03 Access Enforcement
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/AC-03/>`_
+6. `AC-06 Least Privilege
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/AC-06/>`_
+7. `CM-07 Least Functionality
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/CM-07/>`_
+8. `SI-07 Software, Firmware, and Information Integrity
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/SI-07/>`_
+9. `CA-07 Continuous Monitoring
+   <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/CA-07/>`_
+10. `AC-02 Account Management
+    <https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/attack-14.1/domain-enterprise/nist-rev5/AC-02/>`_
 
 .. figure:: _static/nist_controls.png
    :alt: Top 10 NIST Controls and their coverage of the Top 15 Techniques.

diff --git a/docs/top-15-techniques.rst b/docs/top-15-techniques.rst
@@ -8,11 +8,9 @@ granular glimpse into each technique for defenders. The majority of the top 15
 techniques abuse legitimate system tools. This underscores the idea that adversaries are
 attempting to appear as legitimate users.
 
-.. TODO update these mappings links when Mappings Explorer comes out
-
 We have incorporated relevant security controls from the Center’s `NIST SP 800-53 to
 ATT&CK mappings
-<https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/nist-800-53-control-mappings/>`__
+<https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/>`__
 and detection methods from the `Cyber Analytics Repository
 <https://car.mitre.org/analytics/>`_ and the Center’s `Sensor Mappings to ATT&CK
 <https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/sensor-mappings-to-attack/>`_,
@@ -63,10 +61,9 @@ as the top sector, and Heodo (another name for Emotet) as the top software.
 Prevention
 ----------
 
-.. TODO I think when mappings explorer is ready, we should discuss the removal all of
-.. these Prevention sections and replace with links to MapEx
-
-The Center's NIST 800-53 mappings list 24 security controls to mitigate Command and Script Interpreter:
+The Center's `NIST 800-53 mappings
+<https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/>`_
+list 24 security controls to mitigate Command and Script Interpreter:
 
 * **AC-2 Account Management** (Also mitigates PowerShell, AppleScript, Visual Basic,
   Windows Command Shell, Unix Shell, Python, JavaScript)
@@ -567,11 +564,11 @@ respectively.
 Prevention
 ----------
 
-The Center's NIST 800-53 mappings list 1 security controls to mitigate Hidden Users: 
+The Center's NIST 800-53 mappings list 1 security controls to mitigate Hidden Users:
 
 * **CM-6 Configuration Settings**
 
-The Center's NIST 800-53 mappings list 3 security controls to mitigate Hidden Window: 
+The Center's NIST 800-53 mappings list 3 security controls to mitigate Hidden Window:
 
 * **CM-7 Least Functionality** (Also mitigates Email Hiding Rules and Hidden Users)
 * **SI-7 Software, Firmware, and Information Integrity** (Also mitigates NTFS File Attributes and Email Hiding Rules)