UNPKG

@mitre-attack/attack-data-model

Version:

A TypeScript API for the MITRE ATT&CK data model

github.com/mitre-attack/attack-data-model

mitre-attack/attack-data-model

68 lines (62 loc) 2.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
import { attackBaseDomainObjectSchema } from "./chunk-ZHQVMLOZ.js"; import { objectMarkingRefsSchema, stixCreatedByRefSchema } from "./chunk-BUEHDLBB.js"; import { descriptionSchema } from "./chunk-DNIVZ2SM.js"; import { createAttackExternalReferencesSchema } from "./chunk-UP3ZMB5U.js"; import { xMitreContributorsSchema, xMitreModifiedByRefSchema } from "./chunk-U55YRJAX.js"; import { createStixIdValidator } from "./chunk-E3OY6DRE.js"; import { createStixTypeValidator } from "./chunk-PFSYT437.js"; import { xMitreDomainsSchema } from "./chunk-ZEHAFUHO.js"; import { createOldMitreAttackIdSchema } from "./chunk-SAFNV2G2.js"; // src/schemas/sdo/mitigation.schema.ts import "zod/v4"; var mitigationSchema = attackBaseDomainObjectSchema.extend({ id: createStixIdValidator("course-of-action"), type: createStixTypeValidator("course-of-action"), description: descriptionSchema.meta({ description: "A description that provides more details and context about the Mitigation." }), // Optional in STIX but required in ATT&CK created_by_ref: stixCreatedByRefSchema, // Optional in STIX but required in ATT&CK external_references: createAttackExternalReferencesSchema("course-of-action"), // Optional in STIX but required in ATT&CK object_marking_refs: objectMarkingRefsSchema, x_mitre_domains: xMitreDomainsSchema, x_mitre_modified_by_ref: xMitreModifiedByRefSchema, x_mitre_contributors: xMitreContributorsSchema.min(1).optional(), x_mitre_old_attack_id: createOldMitreAttackIdSchema("course-of-action").optional() }).strict().meta({ description: ` Mitigations represent defensive measures or controls that can reduce the effectiveness of adversary techniques. They are defined as [course-of-action](https://docs.oasis-open.org/cti/stix/v2.0/csprd01/part2-stix-objects/stix-v2.0-csprd01-part2-stix-objects.html#_Toc476230929) objects and strictly follow the STIX 2.1 specification without additional custom fields. ### ATT&CK ID Collisions (Legacy) **Historical context:** In ATT&CK versions prior to v5 (July 2019), mitigations maintained 1:1 relationships with techniques and shared identical ATT&CK IDs. This design was deprecated to support more flexible mitigation-to-technique mappings. **Current impact:** Legacy 1:1 mitigations may cause ATT&CK ID collisions between mitigations and techniques. These deprecated objects can be filtered out during queries. `.trim() }); export { mitigationSchema };