-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from center-for-threat-informed-defense/tiffb-p…
…atch-1 Update README.md
- Loading branch information
Showing
1 changed file
with
28 additions
and
50 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,74 +1,52 @@ | ||
| [](https://attack.mitre.org/versions/v15/) | ||
|
|
||
| # Defending OT with ATT&CK | ||
|
|
||
| <!-- TODO Put a one paragraph summary of the project here. --> | ||
| Defending Operational Technology (OT) with ATT&CK is a Center for Threat-Informed Defense (Center) | ||
| project that provides a customized collection of [MITRE ATT&CK®](https://attack.mitre.org/) techniques tailored to the | ||
| attack surface and threat model for OT environments. The collection of threats contained | ||
| in the ATT&CK knowledgebase, including historical attacks against OT, are used to define a | ||
| reference architecture and technology domains of interest for OT. The resultant collection | ||
| can be used by organizations that use OT to evaluate and employ security controls for | ||
| real-world adversary behaviors. | ||
|
|
||
| Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor | ||
| incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud | ||
| exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure | ||
| dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. | ||
| Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt | ||
| mollit anim id est laborum. | ||
| This work builds upon the Center's [Defending IaaS with ATT&CK](https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/defending-iaas-with-attack/) project by using | ||
| the methodology and tooling created under that project as a basis. Defending OT with ATT&CK | ||
| provides an additional collection of resources cyber defenders can use to understand and make | ||
| threat-informed decisions for techniques that could be used within an IT/OT hybrid architecture | ||
| and environment. | ||
|
|
||
| **Table Of Contents:** | ||
|
|
||
| <!-- | ||
| TODO The table of contents should include only h2-h6, NOT h1. The "Markdown All In One" | ||
| extension for VS Code will update the TOC automatically for you: | ||
| https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one | ||
| Set the extension's TOC:Levels setting to "2..6" | ||
| --> | ||
|
|
||
| - [Getting Started](#getting-started) | ||
| - [Getting Involved](#getting-involved) | ||
| - [Questions and Feedback](#questions-and-feedback) | ||
| - [Notice](#notice) | ||
|
|
||
| ## Getting Started | ||
|
|
||
| <!-- TODO Write one paragraph about how users should get started, | ||
| and update the table of resources below. --> | ||
| To get started, visit the project website. The website includes an overview of the project, | ||
| the reference architecture assets, the threat modeling methodology, and the customized threat | ||
| collection. Use cases and a cyber tabletop exercise scenario are also provided. | ||
|
|
||
| Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor | ||
| incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud | ||
| exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure | ||
| dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. | ||
| Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt | ||
| mollit anim id est laborum. | ||
|
|
||
| | Resource | Description | | ||
| | --------------- | ------------------------ | | ||
| | [Resource 1](#) | Description of resource. | | ||
| | [Resource 2](#) | Description of resource. | | ||
| | [Resource 3](#) | Description of resource. | | ||
| | Resource | Description | | ||
| | ----------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- | | ||
| | [Project Website](https://center-for-threat-informed-defense.github.io/defending-ot-with-attack/) | Reference architecture, methodology, usage | | ||
| | [Threat Collection](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/TBD) | Mapped techniques for OT environments | | ||
| | [Hybrid Navigator Layer](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/tree/main/mappings/layers/TBD) | ATT&CK Navigator views of the hybrid ATT&CK matrix | | ||
|
|
||
| ## Getting Involved | ||
|
|
||
| <!-- TODO Add some bullets telling users how to get involved. --> | ||
|
|
||
| There are several ways that you can get involved with this project and help | ||
| advance threat-informed defense: | ||
| advance threat-informed defense. Please review the project resources, use them, and tell us | ||
| what you think. | ||
|
|
||
| - **Way to get involved 1.** Lorem ipsum dolor sit amet, consectetur adipiscing elit, | ||
| sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. | ||
| - **Way to get involved 2.** Ut enim ad minim veniam, quis nostrud exercitation ullamco | ||
| laboris nisi ut aliquip ex ea commodo consequat. | ||
| - **Way to get involved 3.** Duis aute irure dolor in reprehenderit in voluptate velit | ||
| esse cillum dolore eu fugiat nulla pariatur. | ||
|
|
||
| ## Questions and Feedback | ||
| We welcome your contributions to help advance Defending OT with ATT&CK in the form of [pull | ||
| requests](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/pulls). Please review the [contributor notice](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/blob/main/CONTRIBUTING.md) before making a pull request. | ||
|
|
||
| Please submit [issues on | ||
| GitHub](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/issues) | ||
| for any technical questions or requests. You may also contact | ||
| [[email protected]](mailto:[email protected]?subject=Question%20about%20defending-ot-with-attack) directly for more general inquiries about | ||
| Please submit [issues on GitHub](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/issues) for any technical questions or requests. | ||
| You may also contact [[email protected]](mailto:[email protected]?subject=Question%20about%20defending-ot-with-attack) directly for more general inquiries about | ||
| the Center for Threat-Informed Defense. | ||
|
|
||
| We welcome your contributions to help advance Defending OT with ATT&CK in the form of [pull | ||
| requests](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/pulls). | ||
| Please review the [contributor | ||
| notice](https://github.com/center-for-threat-informed-defense/defending-ot-with-attack/blob/main/CONTRIBUTING.md) | ||
| before making a pull request. | ||
|
|
||
| ## Notice | ||
|
|
||
| <!-- TODO Add PRS prior to publication. --> | ||
|
|
||