From 43cb78a6a81c677e89990876ab0dbac6743255f8 Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Fri, 27 May 2022 14:21:11 -0400
Subject: [PATCH] Upgrade Navigator
---
 salt/nginx/files/nav_layer_playbook.json | 49 +++++++++++----
 salt/nginx/files/navigator_config.json | 78 +++++++++++++-----------
 salt/nginx/init.sls | 14 ++---
 salt/soctopus/init.sls | 2 +-
 4 files changed, 85 insertions(+), 58 deletions(-)
diff --git a/salt/nginx/files/nav_layer_playbook.json b/salt/nginx/files/nav_layer_playbook.json
index 69db796e8..a26f26542 100644
--- a/salt/nginx/files/nav_layer_playbook.json
+++ b/salt/nginx/files/nav_layer_playbook.json
@@ -1,27 +1,52 @@
 {
- "name": "Playbook",
- "version": "3.0",
- "domain": "mitre-enterprise",
- "description": "Current Coverage of Playbook",
+ "name": "Playbook Coverage",
+ "versions": {
+ "attack": "11",
+ "navigator": "4.6.4",
+ "layer": "4.3"
+ },
+ "domain": "enterprise-attack",
+ "description": "",
 "filters": {
- "stages": ["act"],
 "platforms": [
- "windows",
- "linux",
- "mac"
+ "Linux",
+ "macOS",
+ "Windows",
+ "Azure AD",
+ "Office 365",
+ "SaaS",
+ "IaaS",
+ "Google Workspace",
+ "PRE",
+ "Network",
+ "Containers"
 ]
 },
 "sorting": 0,
- "viewMode": 0,
+ "layout": {
+ "layout": "side",
+ "aggregateFunction": "average",
+ "showID": false,
+ "showName": true,
+ "showAggregateScores": false,
+ "countUnscored": false
+ },
 "hideDisabled": false,
 "techniques": [],
 "gradient": {
- "colors": ["#ff6666", "#ffe766", "#8ec843"],
+ "colors": [
+ "#ff6666ff",
+ "#ffe766ff",
+ "#8ec843ff"
+ ],
 "minValue": 0,
 "maxValue": 100
 },
+ "legendItems": [],
 "metadata": [],
+ "links": [],
 "showTacticRowBackground": false,
 "tacticRowBackground": "#dddddd",
- "selectTechniquesAcrossTactics": true
-}
+ "selectTechniquesAcrossTactics": true,
+ "selectSubtechniquesWithParent": false
+}
\ No newline at end of file
diff --git a/salt/nginx/files/navigator_config.json b/salt/nginx/files/navigator_config.json
index 3fd87139b..2f4672b48 100644
--- a/salt/nginx/files/navigator_config.json
+++ b/salt/nginx/files/navigator_config.json
@@ -1,58 +1,62 @@ {%- set URL_BASE = salt['pillar.get']('global:url_base', '') %} { - "enterprise_attack_url": "assets/enterprise-attack.json", - "pre_attack_url": "assets/pre-attack.json", - "mobile_data_url": "assets/mobile-attack.json", - "taxii_server": { - "enabled": false, - "url": "https://cti-taxii.mitre.org/", - "collections": { - "enterprise_attack": "95ecc380-afe9-11e4-9b6c-751b66dd541e", - "pre_attack": "062767bd-02d2-4b72-84ba-56caef0f8658", - "mobile_attack": "2f669986-b40b-4423-b720-4396ca6a462b" + "versions": [ + { + "name": "ATT&CK v11", + "version": "11", + "domains": [ + { + "name": "Enterprise", + "identifier": "enterprise-attack", + "data": ["assets/so/enterprise-attack.json"] + } + ] } + ], + + "custom_context_menu_items": [ {"label": "view related plays","url": " https://{{URL_BASE}}/playbook/projects/detection-playbooks/issues?utf8=%E2%9C%93&set_filter=1&sort=id%3Adesc&f%5B%5D=cf_15&op%5Bcf_15%5D=%3D&f%5B%5D=&c%5B%5D=status&c%5B%5D=cf_10&c%5B%5D=cf_13&c%5B%5D=cf_18&c%5B%5D=cf_19&c%5B%5D=cf_1&c%5B%5D=updated_on&v%5Bcf_15%5D%5B%5D=~Technique_ID~"}], + + "default_layers": { + "enabled": true, + "urls": ["assets/so/nav_layer_playbook.json"] }, - "domain": "mitre-enterprise", - - "custom_context_menu_items": [ {"label": "view related plays","url": " https://{{URL_BASE}}/playbook/projects/detection-playbooks/issues?utf8=%E2%9C%93&set_filter=1&sort=id%3Adesc&f%5B%5D=cf_15&op%5Bcf_15%5D=%3D&f%5B%5D=&c%5B%5D=status&c%5B%5D=cf_10&c%5B%5D=cf_13&c%5B%5D=cf_18&c%5B%5D=cf_19&c%5B%5D=cf_1&c%5B%5D=updated_on&v%5Bcf_15%5D%5B%5D=~Technique_ID~"}], - -"default_layers": { - "enabled": true, - "urls": [ - "assets/playbook.json" - ] - }, - "comment_color": "yellow", - + "link_color": "blue", + "banner": "", "features": [ + {"name": "leave_site_dialog", "enabled": true, "description": "Disable to remove the dialog prompt when leaving site."}, {"name": "tabs", "enabled": true, "description": "Disable to remove the ability to open new tabs."}, {"name": 
"selecting_techniques", "enabled": true, "description": "Disable to remove the ability to select techniques."}, {"name": "header", "enabled": true, "description": "Disable to remove the header containing 'MITRE ATT&CK Navigator' and the link to the help page. The help page can still be accessed from the new tab menu."}, + {"name": "subtechniques", "enabled": true, "description": "Disable to remove all sub-technique features from the interface."}, {"name": "selection_controls", "enabled": true, "description": "Disable to to disable all subfeatures", "subfeatures": [ {"name": "search", "enabled": true, "description": "Disable to remove the technique search panel from the interface."}, {"name": "multiselect", "enabled": true, "description": "Disable to remove the multiselect panel from interface."}, {"name": "deselect_all", "enabled": true, "description": "Disable to remove the deselect all button from the interface."} ]}, - {"name": "layer_controls", "enabled": true, "description": "Disable to to disable all subfeatures", "subfeatures": [ - {"name": "layer_info", "enabled": true, "description": "Disable to remove the layer info (name, description and metadata) panel from the interface. Note that the layer can still be renamed in the tab."}, + {"name": "layer_controls", "enabled": true, "description": "Disable to disable all subfeatures", "subfeatures": [ + {"name": "layer_info", "enabled": true, "description": "Disable to remove the layer info (name, description and layer metadata) panel from the interface. 
Note that the layer can still be renamed in the tab."}, {"name": "download_layer", "enabled": true, "description": "Disable to remove the button to download the layer."}, - {"name": "export_render", "enabled": true, "description": "Disable to the remove the button to render the current layer."}, - {"name": "export_excel", "enabled": true, "description": "Disable to the remove the button to export the current layer to MS Excel (.xlsx) format."}, - {"name": "filters", "enabled": true, "description": "Disable to the remove the filters panel from interface."}, - {"name": "sorting", "enabled": true, "description": "Disable to the remove the sorting button from the interface."}, - {"name": "color_setup", "enabled": true, "description": "Disable to the remove the color setup panel from interface, containing customization controls for scoring gradient and tactic row color."}, - {"name": "toggle_hide_disabled", "enabled": true, "description": "Disable to the remove the hide disabled techniques button from the interface."}, - {"name": "toggle_view_mode", "enabled": true, "description": "Disable to the remove the toggle view mode button from interface."}, - {"name": "legend", "enabled": true, "description": "Disable to the remove the legend panel from the interface."} + {"name": "export_render", "enabled": true, "description": "Disable to remove the button to render the current layer."}, + {"name": "export_excel", "enabled": true, "description": "Disable to remove the button to export the current layer to MS Excel (.xlsx) format."}, + {"name": "filters", "enabled": true, "description": "Disable to remove the filters panel from interface."}, + {"name": "sorting", "enabled": true, "description": "Disable to remove the sorting button from the interface."}, + {"name": "color_setup", "enabled": true, "description": "Disable to remove the color setup panel from interface, containing customization controls for scoring gradient and tactic row color."}, + {"name": 
"toggle_hide_disabled", "enabled": true, "description": "Disable to remove the hide disabled techniques button from the interface."}, + {"name": "layout_controls", "enabled": true, "description": "Disable to remove the ability to change the current matrix layout."}, + {"name": "legend", "enabled": true, "description": "Disable to remove the legend panel from the interface."} ]}, - {"name": "technique_controls", "enabled": true, "description": "Disable to to disable all subfeatures", "subfeatures": [ - {"name": "disable_techniques", "enabled": true, "description": "Disable to the remove the ability to disable techniques."}, - {"name": "manual_color", "enabled": true, "description": "Disable to the remove the ability to assign manual colors to techniques."}, - {"name": "scoring", "enabled": true, "description": "Disable to the remove the ability to score techniques."}, - {"name": "comments", "enabled": true, "description": "Disable to the remove the ability to add comments to techniques."}, + {"name": "technique_controls", "enabled": true, "description": "Disable to disable all subfeatures", "subfeatures": [ + {"name": "disable_techniques", "enabled": true, "description": "Disable to remove the ability to disable techniques."}, + {"name": "manual_color", "enabled": true, "description": "Disable to remove the ability to assign manual colors to techniques."}, + {"name": "scoring", "enabled": true, "description": "Disable to remove the ability to score techniques."}, + {"name": "comments", "enabled": true, "description": "Disable to remove the ability to add comments to techniques."}, + {"name": "comment_underline", "enabled": true, "description": "Disable to remove the comment underline effect on techniques."}, + {"name": "links", "enabled": true, "description": "Disable to remove the ability to assign hyperlinks to techniques."}, + {"name": "link_underline", "enabled": true, "description": "Disable to remove the hyperlink underline effect on techniques."}, + {"name": 
"metadata", "enabled": true, "description": "Disable to remove the ability to add metadata to techniques."}, {"name": "clear_annotations", "enabled": true, "description": "Disable to remove the button to clear all annotations on the selected techniques."} ]} ] diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls index a195eb400..cad20996e 100644 --- a/salt/nginx/init.sls +++ b/salt/nginx/init.sls @@ -50,7 +50,7 @@ nginxtmp: navigatorconfig: file.managed: - - name: /opt/so/conf/navigator/navigator_config.json + - name: /opt/so/conf/navigator/config.json - source: salt://nginx/files/navigator_config.json - user: 939 - group: 939 @@ -59,7 +59,7 @@ navigatorconfig: navigatordefaultlayer: file.managed: - - name: /opt/so/conf/navigator/nav_layer_playbook.json + - name: /opt/so/conf/navigator/layers/nav_layer_playbook.json - source: salt://nginx/files/nav_layer_playbook.json - user: 939 - group: 939 @@ -69,7 +69,7 @@ navigatordefaultlayer: navigatorpreattack: file.managed: - - name: /opt/so/conf/navigator/pre-attack.json + - name: /opt/so/conf/navigator/layers/pre-attack.json - source: salt://nginx/files/pre-attack.json - user: 939 - group: 939 @@ -78,7 +78,7 @@ navigatorpreattack: navigatorenterpriseattack: file.managed: - - name: /opt/so/conf/navigator/enterprise-attack.json + - name: /opt/so/conf/navigator/layers/enterprise-attack.json - source: salt://nginx/files/enterprise-attack.json - user: 939 - group: 939 
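Review bot: The `custom_context_menu_items` entry re-added in this hunk keeps a leading space inside the URL string (`" https://{{URL_BASE}}/playbook/...`) and interpolates `URL_BASE` raw, with a pillar default of `''` set on the template's first line. With the pillar unset the link renders as `https:///playbook/...`, and a value containing a quote or backslash would produce JSON that Navigator cannot parse. I would drop the space (`"url": "https://{{URL_BASE}}/playbook/...`) and either fail the render when `global:url_base` is empty or document that it must be a bare hostname. The object's closing brace lies outside the hunk.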
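Review bot: The four `file.managed` targets in the salt/nginx/init.sls hunks at -50, -59, -69 and -78 move to `config.json` and a new `layers/` directory, but no visible line creates that directory or removes the files left at the old paths. If `layers/` is missing when the containers start, Docker will presumably create the bind source as root rather than 939, so confirm that a `file.directory` state or `- makedirs: True` covers it; each state continues past its hunk. `navigatorpreattack` also still installs `pre-attack.json` although the new `navigator_config.json` no longer references it, and under the directory bind it becomes content nginx exposes, so I would drop that state or mark it with `# legacy bundle, not loaded by navigator_config.json`.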
@@ -99,10 +99,8 @@ so-nginx: - /etc/pki/managerssl.crt:/etc/pki/nginx/server.crt:ro - /etc/pki/managerssl.key:/etc/pki/nginx/server.key:ro # ATT&CK Navigator binds - - /opt/so/conf/navigator/navigator_config.json:/opt/socore/html/navigator/assets/config.json:ro - - /opt/so/conf/navigator/nav_layer_playbook.json:/opt/socore/html/navigator/assets/playbook.json:ro - - /opt/so/conf/navigator/enterprise-attack.json:/opt/socore/html/navigator/assets/enterprise-attack.json:ro - - /opt/so/conf/navigator/pre-attack.json:/opt/socore/html/navigator/assets/pre-attack.json:ro + - /opt/so/conf/navigator/layers/:/opt/socore/html/navigator/assets/so:ro + - /opt/so/conf/navigator/config.json:/opt/socore/html/navigator/assets/config.json:ro {% endif %} {% if ISAIRGAP is sameas true %} - /nsm/repo:/opt/socore/html/repo:ro diff --git a/salt/soctopus/init.sls b/salt/soctopus/init.sls index 74ab5dcc1..7ad2640ea 100644 --- a/salt/soctopus/init.sls +++ b/salt/soctopus/init.sls @@ -66,7 +66,7 @@ so-soctopus: - /opt/so/conf/soctopus/SOCtopus.conf:/SOCtopus/SOCtopus.conf:ro - /opt/so/log/soctopus/:/var/log/SOCtopus/:rw - /opt/so/rules/elastalert/playbook:/etc/playbook-rules:rw - - /opt/so/conf/navigator/nav_layer_playbook.json:/etc/playbook/nav_layer_playbook.json:rw + - /opt/so/conf/navigator/layers/:/etc/playbook/:rw - /opt/so/conf/soctopus/sigma-import/:/SOCtopus/sigma-import/:rw {% if ISAIRGAP is sameas true %} - /nsm/repo/rules/sigma:/soctopus/sigma
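Review bot: The so-soctopus bind in salt/soctopus/init.sls now mounts all of `/opt/so/conf/navigator/layers/` read-write, while the so-nginx hunk at -99 mounts that same directory at `assets/so`, so the write scope grows from one layer file to every file nginx presumably serves to Navigator users. That includes `enterprise-attack.json` and `pre-attack.json`, which soctopus could not touch before; a fault or compromise in that container could then alter the ATT&CK data analysts load in their browsers. Mounting over `/etc/playbook/` also hides anything the image shipped at that path, which I cannot check from this hunk. I would keep only `nav_layer_playbook.json` in the directory soctopus can write and place the ATT&CK bundles in a path that only so-nginx mounts `:ro`, with a comment such as `# layers/ is written by so-soctopus and served by so-nginx - keep only the Playbook layer here`. Both volume lists continue outside the hunks.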