Use GitLab and MITRE ATT&CK Navigator to visualize adversary techniques
Introduction
This blog explains how to use GitLab and MITRE ATT&CK Navigator to visualize adversary techniques. It walks through deploying the ATT&CK Navigator web application and pre-populating it with annotated matrices. The resulting visualization helps track coverage of offensive and defensive capabilities across MITRE's ATT&CK matrices.
Using GitLab to Visualize Techniques
By deploying the ATT&CK Navigator web application on GitLab, companies can visualize their coverage of adversary techniques. This can be done by creating a new fork from the example project provided. Each file added to this project will represent a new tab in the deployed web application, where attack techniques are annotated in green.
Example Techniques
The example project provides two example files and an empty template file. These files contain a list of attack techniques across different tactics. Users can edit the example files or add new files of their own to represent different techniques. The file is automatically loaded and the techniques are viewable in the deployed web application.
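The example project's own file format is not shown here, so the following added example (not code from the example project) uses ATT&CK Navigator's layer JSON format instead: it turns a list of covered technique IDs into a layer with those techniques annotated in green. The coverage notes, the colour value and the layer version string are assumptions.

```python
import json
import re

# ATT&CK technique IDs look like T1059, or T1059.001 for a sub-technique.
TECHNIQUE_ID = re.compile(r"T\d{4}(\.\d{3})?")
GREEN = "#31a354"  # assumed shade of green; any hex colour is accepted


def build_layer(name, covered, domain="enterprise-attack"):
    """Build a Navigator layer dict that marks `covered` techniques in green.

    `covered` maps technique ID -> note, stored as the cell's comment.
    """
    entries = {}
    for raw_id, note in covered.items():
        tid = raw_id.strip().upper()
        # Reject tactic IDs (TA0001), typos, etc. before they reach the layer.
        if not TECHNIQUE_ID.fullmatch(tid):
            raise ValueError(f"not an ATT&CK technique ID: {raw_id!r}")
        entries[tid] = {"techniqueID": tid, "color": GREEN,
                        "comment": note, "enabled": True}
    # A sub-technique sits under a collapsed parent cell, so expand the parent.
    # A parent added only for this purpose gets no colour: it is not covered.
    for tid in list(entries):
        if "." in tid:
            parent = tid.split(".")[0]
            entries.setdefault(parent, {"techniqueID": parent, "enabled": True})
            entries[parent]["showSubtechniques"] = True
    return {
        "name": name,
        "versions": {"layer": "4.5"},  # assumed layer format version
        "domain": domain,
        "description": "Generated coverage layer (added example)",
        "techniques": [entries[k] for k in sorted(entries)],
    }


# Constructed sample coverage list; the notes are illustrative only.
COVERED = {
    "T1566": "mail gateway detections",
    "T1059.001": "PowerShell script block logging",
    "t1078 ": "sign-in anomaly alerts",
}

if __name__ == "__main__":
    print(json.dumps(build_layer("Detection coverage", COVERED), indent=2))
```

The printed JSON can be saved to a file and opened in Navigator as an existing layer.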
Deploying the Application
To deploy the application with the provided sample data, users can navigate to "Build" -> "Pipelines" in the project's sidebar and click the "Run pipeline" button. The project's CI/CD configuration file contains rules that run the jobs automatically whenever changes are pushed to the project's default branch, or when the pipeline is triggered manually.
Understanding Coverage
Using MITRE ATT&CK Navigator on GitLab allows users to visualize coverage of attack techniques across matrices. This visualization is not meant for comparing coverage with other organizations. Instead, it helps users understand their own coverage and its relevance to their specific threats.
Conclusion
MITRE ATT&CK Navigator, when deployed on GitLab, is a valuable tool for visualizing coverage of attack techniques. By following the steps outlined in this blog, users can successfully use GitLab and MITRE ATT&CK Navigator to track and analyze adversary techniques.