Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor navigator layer metadata #88

Merged
merged 3 commits into from
Feb 27, 2024
Merged

refactor navigator layer metadata #88

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8b96b43
refactor navigator layer metadata
Feb 27, 2024
fdf4fe8
fix errors
Feb 27, 2024
0f8497c
fix tests
Feb 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 29 additions & 33 deletions src/mapex/write_parsed_mappings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -364,46 +364,42 @@
tehchnique_id = mapping["attack_object_id"]
capability_id = mapping["capability_id"]

# add score metadata if it is a scoring mapping
score_metadata = mapping["mapping_type"] == "technique_scores"

if score_metadata:
# define metadata objects
metadata_control = {"name": "control", "value": mapping["capability_id"]}
metadata_score_category = {
"name": "category",
"value": mapping["score_category"],
}
metadata_score_value = {"name": "value", "value": mapping["score_value"]}
metadata_comment = {"name": "comment", "value": mapping["comments"]}
divider = {"divider": True}
# define metadata
metadata = []
if mapping.get("score_category"):
metadata.append(

Check warning on line 370 in src/mapex/write_parsed_mappings.py

View check run for this annotation

Codecov / codecov/patch

src/mapex/write_parsed_mappings.py#L370 

Added line #L370 was not covered by tests
{
"name": "category",
"value": mapping["score_category"],
}
)

if mapping.get("score_value"):
metadata.append({"name": "value", "value": mapping["score_value"]})

Check warning on line 378 in src/mapex/write_parsed_mappings.py

View check run for this annotation

Codecov / codecov/patch

src/mapex/write_parsed_mappings.py#L378 

Added line #L378 was not covered by tests

if mapping.get("comments"):
metadata.append({"name": "comment", "value": mapping["comments"]})

Check warning on line 381 in src/mapex/write_parsed_mappings.py

View check run for this annotation

Codecov / codecov/patch

src/mapex/write_parsed_mappings.py#L381 

Added line #L381 was not covered by tests

if techniques_dict.get(tehchnique_id):
# add capability information to technique it is mapped to
techniques_dict[tehchnique_id]["capability_ids"].append(capability_id)
if score_metadata:
metadata_info = [
metadata_control,
metadata_score_category,
metadata_score_value,
metadata_comment,
divider,
]
if "metadata" in techniques_dict[tehchnique_id]:
techniques_dict[tehchnique_id]["metadata"].extend(metadata_info)
else:
techniques_dict[tehchnique_id]["metadata"] = metadata_info
metadata_info = [{"name": "control", "value": mapping["capability_id"]}]
metadata_info.extend(metadata)
metadata_info.append({"divider": True})

Check warning on line 388 in src/mapex/write_parsed_mappings.py

View check run for this annotation

Codecov / codecov/patch

src/mapex/write_parsed_mappings.py#L386-L388 

Added lines #L386 - L388 were not covered by tests

if "metadata" in techniques_dict[tehchnique_id]:
techniques_dict[tehchnique_id]["metadata"].extend(metadata_info)

Check warning on line 391 in src/mapex/write_parsed_mappings.py

View check run for this annotation

Codecov / codecov/patch

src/mapex/write_parsed_mappings.py#L390-L391 

Added lines #L390 - L391 were not covered by tests
else:
techniques_dict[tehchnique_id]["metadata"] = metadata_info

Check warning on line 393 in src/mapex/write_parsed_mappings.py

View check run for this annotation

Codecov / codecov/patch

src/mapex/write_parsed_mappings.py#L393 

Added line #L393 was not covered by tests
else:
# add capability information to technique it is mapped to
techniques_dict[tehchnique_id] = {"capability_ids": [capability_id]}
if score_metadata:
techniques_dict[tehchnique_id]["metadata"] = [
metadata_control,
metadata_score_category,
metadata_score_value,
metadata_comment,
divider,
]
techniques_dict[tehchnique_id]["metadata"] = [
{"name": "control", "value": mapping["capability_id"]}
]
techniques_dict[tehchnique_id]["metadata"].extend(metadata)
techniques_dict[tehchnique_id]["metadata"].append({"divider": True})

return techniques_dict


Expand Down
3 changes: 1 addition & 2 deletions src/mapex_convert/parse_cve_mappings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,8 +80,7 @@ def configure_cve_mappings(df, attack_id_to_name_dict):
# get capability product description from cve api
try:
response = requests.get(
f"https://cveawg.mitre.org/api/cve/{capability_id}/",
verify=False,
f"https://cveawg.mitre.org/api/cve/{capability_id}/"
).json()
descriptions = response["containers"]["cna"]["affected"]
capability_description = descriptions[0]["product"].strip()
Expand Down
4 changes: 2 additions & 2 deletions tests/expected_results/expected_results_navigator_layer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@
"techniqueID": "T1137",
"score": 1,
"comment": "Related to AC-10",
"metadata": [],
"metadata": [{"name": "control", "value": "AC-10"}, {"divider": True}],
},
{
"techniqueID": "T1137.002",
"score": 1,
"comment": "Related to AC-10",
"metadata": [],
"metadata": [{"name": "control", "value": "AC-10"}, {"divider": True}],
},
],
"gradient": {"colors": ["#ffe766", "#ffaf66"], "minValue": 1, "maxValue": 1},
Expand Down
Loading