UNPKG

@mitre-attack/attack-data-model

Version:

A TypeScript API for the MITRE ATT&CK data model

864 lines (862 loc) 69.9 kB
import { z } from 'zod/v4'; import { MarkingDefinition } from '../smo/marking-definition.schema.js'; import { Relationship } from '../sro/relationship.schema.js'; import { Analytic } from './analytic.schema.js'; import { Asset } from './asset.schema.js'; import { Campaign } from './campaign.schema.js'; import { Collection } from './collection.schema.js'; import { DataComponent } from './data-component.schema.js'; import { DataSource } from './data-source.schema.js'; import { DetectionStrategy } from './detection-strategy.schema.js'; import { Group } from './group.schema.js'; import { Identity } from './identity.schema.js'; import { Malware } from './malware.schema.js'; import { Matrix } from './matrix.schema.js'; import { Mitigation } from './mitigation.schema.js'; import { Tactic } from './tactic.schema.js'; import { Technique } from './technique.schema.js'; import { Tool } from './tool.schema.js'; import '../common/property-schemas/stix-id.js'; import '../common/property-schemas/stix-type.js'; type AttackObject = Malware | Asset | Campaign | Collection | DataComponent | DataSource | Identity | Matrix | Tool | Tactic | Technique | Group | Mitigation | DetectionStrategy | Analytic | Relationship | MarkingDefinition; declare const attackObjectsSchema: z.ZodTypeAny; type AttackObjects = z.infer<typeof attackObjectsSchema>; declare const stixBundleSchema: z.ZodObject<{ id: z.ZodString & z.ZodType<`bundle--${string}`, string, z.core.$ZodTypeInternals<`bundle--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; objects: z.ZodArray<z.ZodDiscriminatedUnion<[z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; external_references: z.ZodOptional<z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-collection--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-collection--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; created_by_ref: z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>; object_marking_refs: z.ZodArray<z.ZodString>; description: z.ZodString; x_mitre_contents: z.ZodArray<z.ZodObject<{ object_ref: z.ZodString; object_modified: z.ZodISODateTime; }, z.core.$strip>>; x_mitre_modified_by_ref: z.ZodOptional<z.ZodLiteral<`identity--${string}`>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-analytic--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-analytic--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodString; x_mitre_platforms: z.ZodArray<z.ZodEnum<{ "Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED"; "Network Devices": "Network Devices"; "Data Historian": "Data Historian"; "Google Workspace": "Google Workspace"; "Office Suite": "Office Suite"; ESXi: "ESXi"; "Identity Provider": "Identity Provider"; Containers: "Containers"; "Azure AD": "Azure AD"; "Engineering Workstation": "Engineering Workstation"; "Control Server": "Control Server"; "Human-Machine Interface": "Human-Machine Interface"; Windows: "Windows"; Linux: "Linux"; IaaS: "IaaS"; None: "None"; iOS: "iOS"; PRE: "PRE"; SaaS: "SaaS"; "Input/Output Server": "Input/Output Server"; macOS: "macOS"; Android: "Android"; "Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay"; Embedded: "Embedded"; }>>; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_log_source_references: z.ZodOptional<z.ZodArray<z.ZodObject<{ x_mitre_data_component_ref: z.ZodString & z.ZodType<`x-mitre-data-component--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-data-component--${string}`, string>>; name: z.ZodString; channel: z.ZodString; }, z.core.$strip>>>; x_mitre_mutable_elements: z.ZodOptional<z.ZodArray<z.ZodObject<{ field: z.ZodString; description: z.ZodString; }, z.core.$strip>>>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_modified_by_ref: z.ZodOptional<z.ZodLiteral<`identity--${string}`>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-asset--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-asset--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodOptional<z.ZodString>; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_platforms: z.ZodOptional<z.ZodArray<z.ZodEnum<{ "Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED"; "Network Devices": "Network Devices"; "Data Historian": "Data Historian"; "Google Workspace": "Google Workspace"; "Office Suite": "Office Suite"; ESXi: "ESXi"; "Identity Provider": "Identity Provider"; Containers: "Containers"; "Azure AD": "Azure AD"; "Engineering Workstation": "Engineering Workstation"; "Control Server": "Control Server"; "Human-Machine Interface": "Human-Machine Interface"; Windows: "Windows"; Linux: "Linux"; IaaS: "IaaS"; None: "None"; iOS: "iOS"; PRE: "PRE"; SaaS: "SaaS"; "Input/Output Server": "Input/Output Server"; macOS: "macOS"; Android: "Android"; "Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay"; Embedded: "Embedded"; }>>>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>; x_mitre_sectors: z.ZodOptional<z.ZodArray<z.ZodEnum<{ Electric: "Electric"; "Water and Wastewater": "Water and Wastewater"; Manufacturing: "Manufacturing"; Rail: "Rail"; Maritime: "Maritime"; General: "General"; }>>>; x_mitre_related_assets: z.ZodOptional<z.ZodArray<z.ZodObject<{ name: z.ZodString; related_asset_sectors: z.ZodOptional<z.ZodArray<z.ZodEnum<{ Electric: "Electric"; "Water and Wastewater": "Water and Wastewater"; Manufacturing: "Manufacturing"; Rail: "Rail"; Maritime: "Maritime"; General: "General"; }>>>; description: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>; x_mitre_modified_by_ref: z.ZodOptional<z.ZodLiteral<`identity--${string}`>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodNonOptional<z.ZodOptional<z.ZodBoolean>>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`campaign--${string}`, string, z.core.$ZodTypeInternals<`campaign--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodString; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>; aliases: z.ZodArray<z.ZodString>; first_seen: z.ZodISODateTime; last_seen: z.ZodISODateTime; x_mitre_first_seen_citation: z.ZodCustom<string, string>; x_mitre_last_seen_citation: z.ZodCustom<string, string>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; external_references: z.ZodOptional<z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-data-component--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-data-component--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodString; created_by_ref: z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>; object_marking_refs: z.ZodArray<z.ZodString>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; x_mitre_data_source_ref: z.ZodOptional<z.ZodString & z.ZodType<`x-mitre-data-source--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-data-source--${string}`, string>>>; x_mitre_log_sources: z.ZodOptional<z.ZodArray<z.ZodObject<{ name: z.ZodString; channel: z.ZodString; }, z.core.$strict>>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-data-source--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-data-source--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodString; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_platforms: z.ZodOptional<z.ZodArray<z.ZodEnum<{ "Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED"; "Network Devices": "Network Devices"; "Data Historian": "Data Historian"; "Google Workspace": "Google Workspace"; "Office Suite": "Office Suite"; ESXi: "ESXi"; "Identity Provider": "Identity Provider"; Containers: "Containers"; "Azure AD": "Azure AD"; "Engineering Workstation": "Engineering Workstation"; "Control Server": "Control Server"; "Human-Machine Interface": "Human-Machine Interface"; Windows: "Windows"; Linux: "Linux"; IaaS: "IaaS"; None: "None"; iOS: "iOS"; PRE: "PRE"; SaaS: "SaaS"; "Input/Output Server": "Input/Output Server"; macOS: "macOS"; Android: "Android"; "Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay"; Embedded: "Embedded"; }>>>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>; x_mitre_collection_layers: z.ZodArray<z.ZodEnum<{ "Cloud Control Plane": "Cloud Control Plane"; Host: "Host"; Report: "Report"; Container: "Container"; Device: "Device"; OSINT: "OSINT"; Network: "Network"; }>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-detection-strategy--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-detection-strategy--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; x_mitre_contributors: z.ZodArray<z.ZodString>; x_mitre_analytic_refs: z.ZodArray<z.ZodString & z.ZodType<`x-mitre-analytic--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-analytic--${string}`, string>>>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodOptional<z.ZodArray<z.ZodString>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`intrusion-set--${string}`, string, z.core.$ZodTypeInternals<`intrusion-set--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodOptional<z.ZodString>; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>; x_mitre_modified_by_ref: z.ZodOptional<z.ZodLiteral<`identity--${string}`>>; aliases: z.ZodOptional<z.ZodArray<z.ZodString>>; first_seen: z.ZodOptional<z.ZodISODateTime>; last_seen: z.ZodOptional<z.ZodISODateTime>; goals: z.ZodOptional<z.ZodArray<z.ZodString>>; resource_level: z.ZodOptional<z.ZodEnum<{ individual: "individual"; organization: "organization"; club: "club"; contest: "contest"; team: "team"; government: "government"; }>>; primary_motivation: z.ZodOptional<z.ZodEnum<{ accidental: "accidental"; coercion: "coercion"; dominance: "dominance"; ideology: "ideology"; notoriety: "notoriety"; "organizational-gain": "organizational-gain"; "personal-gain": "personal-gain"; "personal-satisfaction": "personal-satisfaction"; revenge: "revenge"; unpredictable: "unpredictable"; }>>; secondary_motivations: z.ZodOptional<z.ZodArray<z.ZodEnum<{ accidental: "accidental"; coercion: "coercion"; dominance: "dominance"; ideology: "ideology"; notoriety: "notoriety"; "organizational-gain": "organizational-gain"; "personal-gain": "personal-gain"; "personal-satisfaction": "personal-satisfaction"; revenge: "revenge"; unpredictable: "unpredictable"; }>>>; }, z.core.$strict>, z.ZodObject<{ type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; id: z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>; description: z.ZodOptional<z.ZodString>; lang: z.ZodOptional<z.ZodString>; spec_version: z.ZodLiteral<"2.1">; created_by_ref: z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>; name: z.ZodString; created: z.ZodISODateTime; modified: z.ZodISODateTime; revoked: z.ZodOptional<z.ZodBoolean>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; external_references: z.ZodOptional<z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>; object_marking_refs: z.ZodArray<z.ZodString>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; x_mitre_attack_spec_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; identity_class: z.ZodEnum<{ group: "group"; individual: "individual"; system: "system"; organization: "organization"; class: "class"; unspecified: "unspecified"; }>; roles: z.ZodOptional<z.ZodArray<z.ZodString>>; sectors: z.ZodOptional<z.ZodArray<z.ZodEnum<{ government: "government"; agriculture: "agriculture"; aerospace: "aerospace"; automotive: "automotive"; chemical: "chemical"; commercial: "commercial"; communications: "communications"; construction: "construction"; defense: "defense"; education: "education"; energy: "energy"; entertainment: "entertainment"; "financial-services": "financial-services"; "government-emergency-services": "government-emergency-services"; "government-local": "government-local"; "government-national": "government-national"; "government-public-services": "government-public-services"; "government-regional": "government-regional"; healthcare: "healthcare"; "hospitality-leisure": "hospitality-leisure"; infrastructure: "infrastructure"; "infrastructure-dams": "infrastructure-dams"; "infrastructure-nuclear": "infrastructure-nuclear"; "infrastructure-water": "infrastructure-water"; insurance: "insurance"; manufacturing: "manufacturing"; mining: "mining"; "non-profit": "non-profit"; pharmaceuticals: "pharmaceuticals"; retail: "retail"; technology: "technology"; telecommunications: "telecommunications"; transportation: "transportation"; utilities: "utilities"; }>>>; contact_information: z.ZodOptional<z.ZodString>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; object_marking_refs: z.ZodOptional<z.ZodArray<z.ZodString>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`malware--${string}`, string, z.core.$ZodTypeInternals<`malware--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; created_by_ref: z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>; description: z.ZodString; x_mitre_platforms: z.ZodOptional<z.ZodArray<z.ZodEnum<{ "Field Controller/RTU/PLC/IED": "Field Controller/RTU/PLC/IED"; "Network Devices": "Network Devices"; "Data Historian": "Data Historian"; "Google Workspace": "Google Workspace"; "Office Suite": "Office Suite"; ESXi: "ESXi"; "Identity Provider": "Identity Provider"; Containers: "Containers"; "Azure AD": "Azure AD"; "Engineering Workstation": "Engineering Workstation"; "Control Server": "Control Server"; "Human-Machine Interface": "Human-Machine Interface"; Windows: "Windows"; Linux: "Linux"; IaaS: "IaaS"; None: "None"; iOS: "iOS"; PRE: "PRE"; SaaS: "SaaS"; "Input/Output Server": "Input/Output Server"; macOS: "macOS"; Android: "Android"; "Safety Instrumented System/Protection Relay": "Safety Instrumented System/Protection Relay"; Embedded: "Embedded"; }>>>; x_mitre_contributors: z.ZodOptional<z.ZodArray<z.ZodString>>; x_mitre_aliases: z.ZodOptional<z.ZodArray<z.ZodString>>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; aliases: z.ZodOptional<z.ZodArray<z.ZodString>>; is_family: z.ZodBoolean; malware_types: z.ZodOptional<z.ZodArray<z.ZodEnum<{ unknown: "unknown"; adware: "adware"; backdoor: "backdoor"; bot: "bot"; bootkit: "bootkit"; ddos: "ddos"; downloader: "downloader"; dropper: "dropper"; "exploit-kit": "exploit-kit"; keylogger: "keylogger"; ransomware: "ransomware"; "remote-access-trojan": "remote-access-trojan"; "resource-exploitation": "resource-exploitation"; "rogue-security-software": "rogue-security-software"; rootkit: "rootkit"; "screen-capture": "screen-capture"; spyware: "spyware"; trojan: "trojan"; virus: "virus"; webshell: "webshell"; wiper: "wiper"; worm: "worm"; }>>>; kill_chain_phases: z.ZodOptional<z.ZodArray<z.ZodObject<{ phase_name: z.ZodString; kill_chain_name: z.ZodEnum<{ "mitre-attack": "mitre-attack"; "mitre-mobile-attack": "mitre-mobile-attack"; "mitre-ics-attack": "mitre-ics-attack"; }>; }, z.core.$strict>>>; first_seen: z.ZodOptional<z.ZodISODateTime>; last_seen: z.ZodOptional<z.ZodISODateTime>; external_references: z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; architecture_execution_envs: z.ZodOptional<z.ZodArray<z.ZodEnum<{ alpha: "alpha"; arm: "arm"; "ia-64": "ia-64"; mips: "mips"; powerpc: "powerpc"; sparc: "sparc"; x86: "x86"; "x86-64": "x86-64"; }>>>; implementation_languages: z.ZodOptional<z.ZodArray<z.ZodEnum<{ "x86-64": "x86-64"; applescript: "applescript"; bash: "bash"; c: "c"; "c++": "c++"; "c#": "c#"; go: "go"; java: "java"; javascript: "javascript"; lua: "lua"; "objective-c": "objective-c"; perl: "perl"; php: "php"; powershell: "powershell"; python: "python"; ruby: "ruby"; scala: "scala"; swift: "swift"; typescript: "typescript"; "visual-basic": "visual-basic"; "x86-32": "x86-32"; }>>>; capabilities: z.ZodOptional<z.ZodArray<z.ZodEnum<{ "accesses-remote-machines": "accesses-remote-machines"; "anti-debugging": "anti-debugging"; "anti-disassembly": "anti-disassembly"; "anti-emulation": "anti-emulation"; "anti-memory-forensics": "anti-memory-forensics"; "anti-sandbox": "anti-sandbox"; "anti-vm": "anti-vm"; "captures-input-peripherals": "captures-input-peripherals"; "captures-output-peripherals": "captures-output-peripherals"; "captures-system-state-data": "captures-system-state-data"; "cleans-traces-of-infection": "cleans-traces-of-infection"; "commits-fraud": "commits-fraud"; "communicates-with-c2": "communicates-with-c2"; "compromises-data-integrity": "compromises-data-integrity"; "compromises-data-availability": "compromises-data-availability"; "compromises-system-availability": "compromises-system-availability"; "controls-local-machine": "controls-local-machine"; "degrades-security-software": "degrades-security-software"; "degrades-system-updates": "degrades-system-updates"; "determines-c2-server": "determines-c2-server"; "emails-spam": "emails-spam"; "escalates-privileges": "escalates-privileges"; "evades-av": "evades-av"; "exfiltrates-data": "exfiltrates-data"; "fingerprints-host": "fingerprints-host"; "hides-artifacts": "hides-artifacts"; "hides-executing-code": "hides-executing-code"; "infects-files": "infects-files"; "infects-remote-machines": "infects-remote-machines"; "installs-other-components": "installs-other-components"; "persists-after-system-reboot": "persists-after-system-reboot"; "prevents-artifact-access": "prevents-artifact-access"; "prevents-artifact-deletion": "prevents-artifact-deletion"; "probes-network-environment": "probes-network-environment"; "self-modifies": "self-modifies"; "steals-authentication-credentials": "steals-authentication-credentials"; "violates-system-operational-integrity": "violates-system-operational-integrity"; }>>>; sample_refs: z.ZodOptional<z.ZodArray<z.ZodUnion<readonly [z.ZodString & z.ZodType<`artifact--${string}`, string, z.core.$ZodTypeInternals<`artifact--${string}`, string>>, z.ZodString & z.ZodType<`file--${string}`, string, z.core.$ZodTypeInternals<`file--${string}`, string>>]>>>; operating_system_refs: z.ZodOptional<z.ZodArray<z.ZodUnion<[z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">, ...z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">[]]>>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; created_by_ref: z.ZodNonOptional<z.ZodOptional<z.ZodString & z.ZodType<`identity--${string}`, string, z.core.$ZodTypeInternals<`identity--${string}`, string>>>>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; external_references: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>>; object_marking_refs: z.ZodNonOptional<z.ZodOptional<z.ZodArray<z.ZodString>>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ lang: z.ZodOptional<z.ZodString>; marking_ref: z.ZodOptional<z.ZodString>; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; name: z.ZodString; x_mitre_attack_spec_version: z.ZodString; x_mitre_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString & z.ZodType<`MOB-M${number}` | `MOB-S${number}`, string, z.core.$ZodTypeInternals<`MOB-M${number}` | `MOB-S${number}`, string>>>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; id: z.ZodString & z.ZodType<`x-mitre-matrix--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-matrix--${string}`, string>>; type: z.ZodLiteral<"file" | "attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "artifact">; description: z.ZodString; x_mitre_domains: z.ZodArray<z.ZodEnum<{ "enterprise-attack": "enterprise-attack"; "mobile-attack": "mobile-attack"; "ics-attack": "ics-attack"; }>>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; tactic_refs: z.ZodArray<z.ZodString & z.ZodType<`x-mitre-tactic--${string}`, string, z.core.$ZodTypeInternals<`x-mitre-tactic--${string}`, string>>>; }, z.core.$strict>, z.ZodObject<{ spec_version: z.ZodLiteral<"2.1">; created: z.ZodISODateTime; modified: z.ZodISODateTime; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; revoked: z.ZodOptional<z.ZodBoolean>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>;