MITRE ATT&CK v1.0.1

About the connector

The MITRE ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies.

This MITRE ATT&CK connector imports MITRE ATT&CK techniques from the static data available within the connector and adds them to the “MITRE ATT&CK Techniques” module in FortiSOAR. This replicates the knowledge base of adversary tactics and techniques based on real-world observations.

Version information

Connector Version: 1.0.1

Authored By: Fortinet

Certified: No

Release Notes for version 1.0.1

The following enhancements have been made to the MITRE ATT&CK connector in version 1.0.1:

  • Fixed the dependencies issue that was found in v1.0.0 of this connector.

Installing the connector

From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command to install connectors. Connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and run the yum command as a root user to install connectors:

yum install cyops-connector-mitre-attack

Configuring the connector

For the procedure to configure a connector, click here.

Configuration parameters

In FortiSOAR™, on the Connectors page, click the MITRE ATT&CK connector row, and in the Configure tab enter the required configuration details.

Parameter: Import MITRE ATT&CK Techniques
Description: Select this checkbox to import MITRE ATT&CK techniques from the static data available within the connector. Once you select this checkbox and click Save, the connector adds the MITRE ATT&CK techniques data, in the form of records, to the “MITRE ATT&CK Techniques” module in FortiSOAR.

Actions supported by the connector

No actions or playbooks are available with this connector.
