
@mitre-attack/attack-data-model


A TypeScript API for the MITRE ATT&CK data model

import { z } from 'zod/v4';

/*
 * Type declarations for the ATT&CK technique ("attack-pattern") schemas.
 *
 * Everything below is `declare const` / `type`: it states the static zod v4
 * types only. Runtime refinements or transforms attached to the schemas, if
 * any, are not visible in a declaration file.
 *
 * Points worth knowing when these schemas are used to validate STIX content
 * from a source you do not control:
 *   - The technique object is `$strict` (unknown top-level keys are rejected),
 *     but the nested `external_references` and `granular_markings` objects are
 *     `$strip` (unknown keys are dropped from the parsed output without an
 *     error), and `extensions` values are typed `unknown`.
 *   - `id` is a plain string and `type` is a literal union of many object
 *     types at the type level, so the static type alone does not narrow a
 *     value to a technique.
 *   - The defense-bypass enum carries case and punctuation variants of the
 *     same label; normalise before grouping or comparing.
 */

/** Boolean schema; same declared type as the `x_mitre_network_requirements` field. */
declare const xMitreNetworkRequirementsSchema: z.ZodBoolean;
type XMitreNetworkRequirements = z.infer<typeof xMitreNetworkRequirementsSchema>;

/** Array of permission levels; used as the type of `x_mitre_effective_permissions`. */
declare const xMitreEffectivePermissionsSchema: z.ZodArray<
  z.ZodEnum<{
    Administrator: "Administrator";
    SYSTEM: "SYSTEM";
    User: "User";
    root: "root";
  }>
>;
type XMitreEffectivePermissions = z.infer<typeof xMitreEffectivePermissionsSchema>;

/** Array of impact categories; used as the type of `x_mitre_impact_type`. */
declare const xMitreImpactTypeSchema: z.ZodArray<
  z.ZodEnum<{
    Availability: "Availability";
    Integrity: "Integrity";
  }>
>;
type XMitreImpactType = z.infer<typeof xMitreImpactTypeSchema>;

/** Array of free-form strings; same declared type as `x_mitre_system_requirements`. */
declare const xMitreSystemRequirementsSchema: z.ZodArray<z.ZodString>;
type XMitreSystemRequirements = z.infer<typeof xMitreSystemRequirementsSchema>;

/** Boolean schema; same declared type as the `x_mitre_remote_support` field. */
declare const xMitreRemoteSupportSchema: z.ZodBoolean;
type XMitreRemoteSupport = z.infer<typeof xMitreRemoteSupportSchema>;

/**
 * Array of permission levels; used as the type of `x_mitre_permissions_required`.
 * Has one member more than the effective-permissions enum: "Remote Desktop Users".
 */
declare const xMitrePermissionsRequiredSchema: z.ZodArray<
  z.ZodEnum<{
    Administrator: "Administrator";
    SYSTEM: "SYSTEM";
    User: "User";
    root: "root";
    "Remote Desktop Users": "Remote Desktop Users";
  }>
>;
type XMitrePermissionsRequired = z.infer<typeof xMitrePermissionsRequiredSchema>;

/**
 * A single data-source entry, typed as the template literal
 * `${string}: ${string}`. The type fixes only the ": " separator; both sides
 * are arbitrary strings as far as this declaration shows.
 */
declare const xMitreDataSourceSchema: z.ZodCustom<
  `${string}: ${string}`,
  `${string}: ${string}`
>;

/** Array of data-source entries; used as the type of `x_mitre_data_sources`. */
declare const xMitreDataSourcesSchema: z.ZodArray<typeof xMitreDataSourceSchema>;
type XMitreDataSource = z.infer<typeof xMitreDataSourceSchema>;
type XMitreDataSources = z.infer<typeof xMitreDataSourcesSchema>;

/** Boolean schema; same declared type as the required `x_mitre_is_subtechnique` field. */
declare const xMitreIsSubtechniqueSchema: z.ZodBoolean;
type XMitreIsSubtechnique = z.infer<typeof xMitreIsSubtechniqueSchema>;

/** Array of tactic-type labels; used as the type of `x_mitre_tactic_type`. */
declare const xMitreTacticTypeSchema: z.ZodArray<
  z.ZodEnum<{
    "Post-Adversary Device Access": "Post-Adversary Device Access";
    "Pre-Adversary Device Access": "Pre-Adversary Device Access";
    "Without Adversary Device Access": "Without Adversary Device Access";
  }>
>;
type XMitreTacticType = z.infer<typeof xMitreTacticTypeSchema>;

/**
 * Array of defensive controls; used as the type of `x_mitre_defense_bypassed`.
 *
 * The enum accepts several spellings of what reads as the same control, for
 * example "Signature-based detection" / "Signature-based Detection",
 * "Log Analysis" / "Log analysis" and "Anti Virus" / "Anti-virus". Code that
 * counts, filters or maps these values to its own control catalogue should
 * normalise them first, otherwise coverage figures split across the variants.
 */
declare const xMitreDefenseBypassesSchema: z.ZodArray<
  z.ZodEnum<{
    "Signature-based detection": "Signature-based detection";
    "Multi-Factor Authentication": "Multi-Factor Authentication";
    "Network Intrusion Detection System": "Network Intrusion Detection System";
    "Application Control": "Application Control";
    "Host forensic analysis": "Host forensic analysis";
    "Exploit Prevention": "Exploit Prevention";
    "Signature-based Detection": "Signature-based Detection";
    "Data Execution Prevention": "Data Execution Prevention";
    "Heuristic Detection": "Heuristic Detection";
    "File system access controls": "File system access controls";
    "File Monitoring": "File Monitoring";
    "Digital Certificate Validation": "Digital Certificate Validation";
    "Logon Credentials": "Logon Credentials";
    Firewall: "Firewall";
    "Host Forensic Analysis": "Host Forensic Analysis";
    "Static File Analysis": "Static File Analysis";
    "Heuristic detection": "Heuristic detection";
    Notarization: "Notarization";
    "System access controls": "System access controls";
    "Binary Analysis": "Binary Analysis";
    "Web Content Filters": "Web Content Filters";
    "Network intrusion detection system": "Network intrusion detection system";
    "Host intrusion prevention systems": "Host intrusion prevention systems";
    "Application control": "Application control";
    "Defensive network service scanning": "Defensive network service scanning";
    "User Mode Signature Validation": "User Mode Signature Validation";
    Encryption: "Encryption";
    "Log Analysis": "Log Analysis";
    "Autoruns Analysis": "Autoruns Analysis";
    "Anti Virus": "Anti Virus";
    Gatekeeper: "Gatekeeper";
    "Anti-virus": "Anti-virus";
    "Log analysis": "Log analysis";
    "Process whitelisting": "Process whitelisting";
    "Host Intrusion Prevention Systems": "Host Intrusion Prevention Systems";
    "Windows User Account Control": "Windows User Account Control";
    "System Access Controls": "System Access Controls";
    "Application whitelisting": "Application whitelisting";
    "Whitelisting by file name or path": "Whitelisting by file name or path";
    "File monitoring": "File monitoring";
  }>
>;
type XMitreDefenseBypasses = z.infer<typeof xMitreDefenseBypassesSchema>;

/** String schema; same declared type as the `x_mitre_detection` field. */
declare const xMitreDetectionSchema: z.ZodString;
type XMitreDetection = z.infer<typeof xMitreDetectionSchema>;

/**
 * Object schema for a technique.
 *
 * Required at the type level: `spec_version`, `created`, `modified`, `name`,
 * `x_mitre_attack_spec_version`, `x_mitre_version`, `id`, `type`,
 * `external_references`, `x_mitre_is_subtechnique` and `x_mitre_domains`.
 * Every other property is wrapped in `z.ZodOptional`.
 *
 * The object is `$strict`, so a parse rejects top-level keys that are not
 * listed here. Nested objects differ; see the per-property comments.
 */
declare const extensibleTechniqueSchema: z.ZodObject<
  {
    spec_version: z.ZodEnum<{
      "2.0": "2.0";
      2.1: "2.1";
    }>;
    created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">;
    modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">;
    created_by_ref: z.ZodOptional<z.ZodString>;
    labels: z.ZodOptional<z.ZodArray<z.ZodString>>;
    revoked: z.ZodOptional<z.ZodBoolean>;
    confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>;
    lang: z.ZodOptional<z.ZodString>;
    object_marking_refs: z.ZodOptional<z.ZodArray<z.ZodString>>;
    // `$strip`: unknown keys inside a granular marking are removed from the
    // parsed output rather than reported.
    granular_markings: z.ZodOptional<
      z.ZodArray<
        z.ZodObject<
          {
            marking_ref: z.ZodString;
            selectors: z.ZodArray<z.ZodString>;
          },
          z.core.$strip
        >
      >
    >;
    // Extension bodies are open-ended: either an object with a known
    // `extension_type` plus arbitrary extra keys, or a free-form record. All
    // of that content is typed `unknown` and needs its own validation before
    // a consumer uses it.
    extensions: z.ZodOptional<
      z.ZodRecord<
        z.ZodString,
        z.ZodUnion<
          readonly [
            z.ZodObject<
              {
                extension_type: z.ZodEnum<{
                  "new-sdo": "new-sdo";
                  "new-sco": "new-sco";
                  "new-sro": "new-sro";
                  "property-extension": "property-extension";
                  "toplevel-property-extension": "toplevel-property-extension";
                }>;
              },
              z.core.$catchall<z.ZodUnknown>
            >,
            z.ZodRecord<z.ZodString, z.ZodUnknown>,
          ]
        >
      >
    >;
    name: z.ZodString;
    x_mitre_attack_spec_version: z.ZodString;
    x_mitre_version: z.ZodString;
    x_mitre_old_attack_id: z.ZodOptional<z.ZodString>;
    x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>;
    // Plain string at the type level; compare `x_mitre_modified_by_ref`
    // below, which carries an `identity--${string}` template.
    id: z.ZodString;
    // Typed as a union of many object types, not only "attack-pattern".
    // NOTE(review): whether the runtime schema pins this to "attack-pattern"
    // cannot be told from the declaration - check `type` explicitly when it
    // matters.
    type: z.ZodLiteral<
      | "attack-pattern"
      | "bundle"
      | "campaign"
      | "course-of-action"
      | "extension-definition"
      | "identity"
      | "intrusion-set"
      | "malware"
      | "tool"
      | "marking-definition"
      | "x-mitre-analytic"
      | "x-mitre-data-component"
      | "x-mitre-detection-strategy"
      | "x-mitre-tactic"
      | "x-mitre-asset"
      | "x-mitre-data-source"
      | "x-mitre-log-source"
      | "x-mitre-matrix"
      | "x-mitre-collection"
      | "relationship"
      | "file"
      | "artifact"
    >;
    // `$strip`: unknown keys on a reference are dropped silently.
    // NOTE(review): `url` is a `z.ZodURL`; the declaration does not show any
    // scheme restriction, so check the scheme before rendering it as a link.
    external_references: z.ZodArray<
      z.ZodObject<
        {
          source_name: z.ZodString;
          description: z.ZodOptional<z.ZodString>;
          url: z.ZodOptional<z.ZodURL>;
          external_id: z.ZodOptional<z.ZodString>;
        },
        z.core.$strip
      >
    >;
    // `$strict`: a kill-chain phase with any extra key fails validation.
    kill_chain_phases: z.ZodOptional<
      z.ZodArray<
        z.ZodObject<
          {
            phase_name: z.ZodString;
            kill_chain_name: z.ZodEnum<{
              "mitre-attack": "mitre-attack";
              "mitre-mobile-attack": "mitre-mobile-attack";
              "mitre-ics-attack": "mitre-ics-attack";
            }>;
          },
          z.core.$strict
        >
      >
    >;
    description: z.ZodOptional<z.ZodString>;
    x_mitre_platforms: z.ZodOptional<
      z.ZodArray<
        z.ZodEnum<{
          "Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED";
          "Network Devices": "Network Devices";
          "Data Historian": "Data Historian";
          "Google Workspace": "Google Workspace";
          "Office Suite": "Office Suite";
          ESXi: "ESXi";
          "Identity Provider": "Identity Provider";
          Containers: "Containers";
          "Azure AD": "Azure AD";
          "Engineering Workstation": "Engineering Workstation";
          "Control Server": "Control Server";
          "Human-Machine Interface": "Human-Machine Interface";
          Windows: "Windows";
          Linux: "Linux";
          IaaS: "IaaS";
          None: "None";
          iOS: "iOS";
          PRE: "PRE";
          SaaS: "SaaS";
          "Input/Output Server": "Input/Output Server";
          macOS: "macOS";
          Android: "Android";
          "Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay";
          Embedded: "Embedded";
        }>
      >
    >;
    x_mitre_detection: z.ZodOptional<z.ZodString>;
    x_mitre_is_subtechnique: z.ZodBoolean;
    x_mitre_data_sources: z.ZodOptional<typeof xMitreDataSourcesSchema>;
    x_mitre_defense_bypassed: z.ZodOptional<typeof xMitreDefenseBypassesSchema>;
    x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>;
    x_mitre_permissions_required: z.ZodOptional<typeof xMitrePermissionsRequiredSchema>;
    x_mitre_remote_support: z.ZodOptional<z.ZodBoolean>;
    x_mitre_system_requirements: z.ZodOptional<z.ZodArray<z.ZodString>>;
    x_mitre_impact_type: z.ZodOptional<typeof xMitreImpactTypeSchema>;
    x_mitre_effective_permissions: z.ZodOptional<typeof xMitreEffectivePermissionsSchema>;
    x_mitre_network_requirements: z.ZodOptional<z.ZodBoolean>;
    x_mitre_tactic_type: z.ZodOptional<typeof xMitreTacticTypeSchema>;
    x_mitre_domains: z.ZodArray<
      z.ZodEnum<{
        "enterprise-attack": "enterprise-attack";
        "mobile-attack": "mobile-attack";
        "ics-attack": "ics-attack";
      }>
    >;
    x_mitre_modified_by_ref: z.ZodOptional<z.ZodLiteral<`identity--${string}`>>;
  },
  z.core.$strict
>;

/**
 * Technique schema whose declared type is exactly that of
 * `extensibleTechniqueSchema` (same shape, same `$strict` mode).
 *
 * NOTE(review): whatever distinguishes the two schemas at runtime is not
 * expressed in the types - confirm against the implementation which one
 * applies the checks you need before using it on untrusted bundles.
 */
declare const techniqueSchema: typeof extensibleTechniqueSchema;

/** Parsed technique object, inferred from `extensibleTechniqueSchema`. */
type Technique = z.infer<typeof extensibleTechniqueSchema>;

export {
  type Technique,
  type XMitreDataSource,
  type XMitreDataSources,
  type XMitreDefenseBypasses,
  type XMitreDetection,
  type XMitreEffectivePermissions,
  type XMitreImpactType,
  type XMitreIsSubtechnique,
  type XMitreNetworkRequirements,
  type XMitrePermissionsRequired,
  type XMitreRemoteSupport,
  type XMitreSystemRequirements,
  type XMitreTacticType,
  extensibleTechniqueSchema,
  techniqueSchema,
  xMitreDataSourceSchema,
  xMitreDataSourcesSchema,
  xMitreDefenseBypassesSchema,
  xMitreDetectionSchema,
  xMitreEffectivePermissionsSchema,
  xMitreImpactTypeSchema,
  xMitreIsSubtechniqueSchema,
  xMitreNetworkRequirementsSchema,
  xMitrePermissionsRequiredSchema,
  xMitreRemoteSupportSchema,
  xMitreSystemRequirementsSchema,
  xMitreTacticTypeSchema,
};