UNPKG

@mitre-attack/attack-data-model

Version:

A TypeScript API for the MITRE ATT&CK data model

github.com/mitre-attack/attack-data-model

mitre-attack/attack-data-model

93 lines (90 loc) 3.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
import { attackBaseDomainObjectSchema } from "./chunk-ZHQVMLOZ.js"; import { descriptionSchema, nameSchema } from "./chunk-DNIVZ2SM.js"; import { createAttackExternalReferencesSchema } from "./chunk-UP3ZMB5U.js"; import { xMitreContributorsSchema, xMitreModifiedByRefSchema } from "./chunk-U55YRJAX.js"; import { createStixIdValidator } from "./chunk-E3OY6DRE.js"; import { createStixTypeValidator } from "./chunk-PFSYT437.js"; import { xMitreDomainsSchema } from "./chunk-ZEHAFUHO.js"; import { xMitrePlatformsSchema } from "./chunk-3VOOG6SX.js"; // src/schemas/sdo/asset.schema.ts import { z } from "zod/v4"; var supportedAssetSectors = [ "Electric", "Water and Wastewater", "Manufacturing", "Rail", "Maritime", "General" ]; var xMitreSectorsSchema = z.array( z.enum(supportedAssetSectors, { error: () => `Sector must be one of: ${supportedAssetSectors.join(", ")}` }), { error: (issue) => issue.code === "invalid_type" ? "related_asset_sectors must be an array" : "Invalid asset sectors array" } ).min(1).meta({ description: "List of industry sector(s) where this asset is commonly observed." }); var relatedAssetSchema = z.object({ name: nameSchema.meta({ description: "Sector-specific name or alias for the related asset" }), related_asset_sectors: xMitreSectorsSchema.optional(), description: descriptionSchema.optional().meta({ description: "How the related asset connects to the primary asset definition" }) }).meta({ description: "The `related_asset` object provides sector-specific asset variations and aliases" }); var relatedAssetsSchema = z.array(relatedAssetSchema).min(1).meta({ description: "Related assets describe sector specific device names or alias that may be commonly associated with the primary asset page name or functional description. Related asset objects include a description of how the related asset is associated with the page definition" }); var assetSchema = attackBaseDomainObjectSchema.extend({ id: createStixIdValidator("x-mitre-asset"), type: createStixTypeValidator("x-mitre-asset"), description: descriptionSchema.optional(), // Optional in STIX but required in ATT&CK external_references: createAttackExternalReferencesSchema("x-mitre-asset"), x_mitre_platforms: xMitrePlatformsSchema.optional(), x_mitre_domains: xMitreDomainsSchema, x_mitre_contributors: xMitreContributorsSchema.optional(), x_mitre_sectors: xMitreSectorsSchema.optional(), x_mitre_related_assets: relatedAssetsSchema.optional(), x_mitre_modified_by_ref: xMitreModifiedByRefSchema.optional() }).required({ object_marking_refs: true, // Optional in STIX but required in ATT&CK created_by_ref: true // Optional in STIX but required in ATT&CK }).strict().meta({ description: ` Assets represent systems, devices, or technologies that adversaries may target within organizational environments. They are defined as \`x-mitre-asset\` objects extending the generic [STIX Domain Object pattern](https://docs.oasis-open.org/cti/stix/v2.0/csprd01/part2-stix-objects/stix-v2.0-csprd01-part2-stix-objects.html#_Toc476230920). `.trim() }); export { xMitreSectorsSchema, relatedAssetSchema, relatedAssetsSchema, assetSchema };