mitre
The mitre package is designed to provide easy access to cybersecurity data standards. It offers functions that return data frames for every standard object, and it provides a directed graph with all relationships for deep exploratory analysis. You can skip the full parsing process by using the latest public RData sets.
Installation
You can install the released version of mitre from CRAN with:
install.packages("mitre")
And the development version from GitHub with:
# install.packages("devtools")
devtools::install_github("motherhack3r/mitre")
Basic usage
This is a basic example which shows how to view Shield tactic IDs and names:
library(mitre)
mitredata <- mitre::getLatestDataSet()
shield <- mitredata$standards$shield
shield$tactics[, c("id", "name")]
#>        id       name
#> 1 DTA0001    Channel
#> 2 DTA0002    Collect
#> 3 DTA0003    Contain
#> 4 DTA0004     Detect
#> 5 DTA0005    Disrupt
#> 6 DTA0006 Facilitate
#> 7 DTA0007 Legitimize
#> 8 DTA0008       Test
This example shows the number of ATT&CK Techniques by domain:
table(mitredata$standards$attck$techniques$domain)
#>
#> enterprise-attack        ics-attack     mobile-attack
#>               659                81               103
Network visualization
This is an example which shows how to visualize the Shield network:
# library(visNetwork)
# g <- visNetwork::visNetwork(nodes = shield$shieldnet$nodes,
#                             edges = shield$shieldnet$edges)
# g
Find some more examples in vignettes to build your own graph like this.
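The full network is dense, so it often helps to cut it down to the neighbourhood of one tactic and rank nodes by degree before plotting. The following is an added example, not code from the mitre package or its vignettes; it runs on constructed data frames, and the `id`/`label` and `from`/`to` column names are assumptions based on what visNetwork expects for nodes and edges.

```r
# Constructed stand-in for shield$shieldnet. Column names (id/label, from/to)
# are assumptions; the "T-*" ids and every edge below are made up. Only the
# two tactic ids and names come from the listing above.
nodes <- data.frame(
  id    = c("DTA0004", "DTA0005", "T-A", "T-B", "T-C"),
  label = c("Detect", "Disrupt", "technique A", "technique B", "technique C"),
  stringsAsFactors = FALSE
)
edges <- data.frame(
  from = c("DTA0004", "DTA0004", "DTA0005", "T-A"),
  to   = c("T-A", "T-B", "T-B", "T-C"),
  stringsAsFactors = FALSE
)

# Sub-network reachable from `root` in at most `hops` steps, following edge direction.
neighbourhood <- function(nodes, edges, root, hops = 1) {
  stopifnot(root %in% nodes$id, hops >= 0)
  seen <- root
  frontier <- root
  for (i in seq_len(hops)) {
    nxt <- setdiff(edges$to[edges$from %in% frontier], seen)
    if (length(nxt) == 0) break
    seen <- c(seen, nxt)
    frontier <- nxt
  }
  list(
    nodes = nodes[nodes$id %in% seen, , drop = FALSE],
    edges = edges[edges$from %in% seen & edges$to %in% seen, , drop = FALSE]
  )
}

# Out-degree and in-degree per node, most connected first.
degree_table <- function(nodes, edges) {
  out <- table(factor(edges$from, levels = nodes$id))
  inn <- table(factor(edges$to, levels = nodes$id))
  d <- data.frame(id = nodes$id, label = nodes$label,
                  out_deg = as.integer(out), in_deg = as.integer(inn),
                  stringsAsFactors = FALSE)
  d[order(-(d$out_deg + d$in_deg)), ]
}

sub <- neighbourhood(nodes, edges, root = "DTA0004", hops = 1)
print(sub$nodes)
print(degree_table(nodes, edges))
# visNetwork::visNetwork(nodes = sub$nodes, edges = sub$edges)
```

To use it on real data, pass `shield$shieldnet$nodes` and `shield$shieldnet$edges` instead of the constructed frames, after checking their column names with `str()`.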
Advanced exploratory analysis
Check this proof of concept project. It is an R Markdown document performing an exploratory analysis with the mitre network and this data set.
- Exploratory analysis: developed by barbero95 and Marta.
- Sample incidents data set from the R package attckr, developed by Bob Rudis.
Code of conduct
Please note that this project is released with a Contributor Code of Conduct. By participating in this project, you agree to abide by its terms.