From 77c51497d0e2b4aa4781d6ba489552a9ff27f899 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 30 Sep 2021 11:44:06 +0200 Subject: [PATCH] docs: Add attack mitigations documentation --- docs/content/reference/attack_mitigations.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 docs/content/reference/attack_mitigations.md diff --git a/docs/content/reference/attack_mitigations.md b/docs/content/reference/attack_mitigations.md new file mode 100644 index 000000000..192b726c2 --- /dev/null +++ b/docs/content/reference/attack_mitigations.md @@ -0,0 +1,19 @@ +--- +title: "ATT&CK Mitigations" +date: 2021-09-30T08:18:37+03:00 +draft: true +pre: ' !! ' +weight: 10 +--- + +{{% notice info %}} +Check out [the documentation for the MITRE ATT&CK techniques as well]({{< ref "/reports/mitre" >}}). +{{% /notice %}} + +Infection Monkey is shipped with pre-existing ATT&CK mitigations located at `monkey/monkey_island/cc/setup/mongo/attack_mitigations.json`. +This allows Monkey Island to be setup faster. + +The `attack_mitigations.json` can be updated by running `monkey/deployment_scripts/dump_attack_mitigations.py` by providing the link to +[Cyber Threat Intelligence Repository](https://github.com/mitre/cti) , mongo host and port information and the dump file location. + +When starting Monkey Island this information is stored in the mongo database almost instantly, making the setup faster.
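Review bot: The paragraph on updating `attack_mitigations.json` names the inputs to `monkey/deployment_scripts/dump_attack_mitigations.py` (the repository link, the mongo host and port, the dump file location) but never shows how they are passed, so a reader cannot run the script from this page alone. Add the exact invocation with the script's own argument names, and state which revision of the [Cyber Threat Intelligence Repository](https://github.com/mitre/cti) the shipped file was generated from, so a regenerated dump can be diffed against it in review. In the front matter, `draft: true` keeps the page out of a default Hugo build; confirm that is intended before merging. Wording: "allows Monkey Island to be setup faster" should read "set up" (verb), there is a stray space before the comma after the cti link, and the closing sentence repeats the "making the setup faster" claim from the first paragraph, so the two can be merged into one statement of what is loaded into mongo at startup.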