diff --git a/monkey/monkey_island/cc/models/attack/__init__.py b/monkey/monkey_island/cc/models/attack/__init__.py
index e69de29bb..692107917 100644
--- a/monkey/monkey_island/cc/models/attack/__init__.py
+++ b/monkey/monkey_island/cc/models/attack/__init__.py
@@ -0,0 +1 @@
+from monkey_island.cc.models.attack.mitigation import Mitigation
diff --git a/monkey/monkey_island/cc/models/attack/attack_mitigations.py b/monkey/monkey_island/cc/models/attack/attack_mitigations.py
index 9d09aae5a..9c7964863 100644
--- a/monkey/monkey_island/cc/models/attack/attack_mitigations.py
+++ b/monkey/monkey_island/cc/models/attack/attack_mitigations.py
@@ -1,12 +1,9 @@
-from typing import Dict
-
 from mongoengine import Document, DoesNotExist, EmbeddedDocumentField, ListField, StringField
-from stix2 import AttackPattern, CourseOfAction
-
-from monkey_island.cc.models.attack.mitigation import Mitigation
-from monkey_island.cc.services.attack.mitre_api_interface import MitreApiInterface
+# Note: This model is duplicated in
+# deployment_scripts/dump_attack_mitigations/attack_mitigations.py. If the schema changes here, it
+# will also need to be changed there.
 class AttackMitigations(Document):
 COLLECTION_NAME = "attack_mitigations"
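Review bot: The import added to `__init__.py` has no user in that file, so a linter or a later cleanup is likely to remove it as unused. The same commit drops `from monkey_island.cc.models.attack.mitigation import Mitigation` from attack_mitigations.py while keeping `EmbeddedDocumentField`; the field definition lies outside the visible hunks, but if it now names the embedded document by string, this package-level import may be what registers `Mitigation` with mongoengine before `AttackMitigations` resolves it. If that is the intent, say so next to the import, e.g. `# Imported for its side effect: registers Mitigation so AttackMitigations can reference it by name.`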
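Review bot: The comment added above `AttackMitigations` in attack_mitigations.py is the only thing keeping this model in step with the copy under deployment_scripts/dump_attack_mitigations/, and the same comment is added above `Mitigation` in mitigation.py. If the two definitions drift, data written with one schema would presumably be read with the other, and nothing visible in this diff would detect that before runtime. A unit test that compares the field names and `required` flags of both copies would make the rule enforceable, and the comment could then point to it: `# Kept in sync with the deployment script copy by <name of the schema test>.`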
@@ -19,32 +16,3 @@ class AttackMitigations(Document):
 return AttackMitigations.objects.get(technique_id=technique_id)
 except DoesNotExist:
 raise Exception("Attack technique with id {} does not exist!".format(technique_id))
-
- def add_mitigation(self, mitigation: CourseOfAction):
- mitigation_external_ref_id = MitreApiInterface.get_stix2_external_reference_id(mitigation)
- if mitigation_external_ref_id.startswith("M"):
- self.mitigations.append(Mitigation.get_from_stix2_data(mitigation))
-
- def add_no_mitigations_info(self, mitigation: CourseOfAction):
- mitigation_external_ref_id = MitreApiInterface.get_stix2_external_reference_id(mitigation)
- if mitigation_external_ref_id.startswith("T") and len(self.mitigations) == 0:
- mitigation_mongo_object = Mitigation.get_from_stix2_data(mitigation)
- mitigation_mongo_object["description"] = mitigation_mongo_object[
- "description"
- ].splitlines()[0]
- mitigation_mongo_object["url"] = ""
- self.mitigations.append(mitigation_mongo_object)
-
- @staticmethod
- def mitigations_from_attack_pattern(attack_pattern: AttackPattern):
- return AttackMitigations(
- technique_id=MitreApiInterface.get_stix2_external_reference_id(attack_pattern),
- mitigations=[],
- )
-
- @staticmethod
- def dict_from_stix2_attack_patterns(stix2_dict: Dict[str, AttackPattern]):
- return {
- key: AttackMitigations.mitigations_from_attack_pattern(attack_pattern)
- for key, attack_pattern in stix2_dict.items()
- }
diff --git a/monkey/monkey_island/cc/models/attack/mitigation.py b/monkey/monkey_island/cc/models/attack/mitigation.py
index 8a0a1f019..aadc9f48c 100644
--- a/monkey/monkey_island/cc/models/attack/mitigation.py
+++ b/monkey/monkey_island/cc/models/attack/mitigation.py
@@ -1,17 +1,10 @@
 from mongoengine import EmbeddedDocument, StringField
-from stix2 import CourseOfAction
-
-from monkey_island.cc.services.attack.mitre_api_interface import MitreApiInterface
+# Note: This model is duplicated in
+# deployment_scripts/dump_attack_mitigations/attack_mitigations.py. If the schema changes here, it
+# will also need to be changed there.
 class Mitigation(EmbeddedDocument):
 name = StringField(required=True)
 description = StringField(required=True)
 url = StringField()
-
- @staticmethod
- def get_from_stix2_data(mitigation: CourseOfAction):
- name = mitigation["name"]
- description = mitigation["description"]
- url = MitreApiInterface.get_stix2_external_reference_url(mitigation)
- return Mitigation(name=name, description=description, url=url)
diff --git a/monkey/monkey_island/cc/services/attack/mitre_api_interface.py b/monkey/monkey_island/cc/services/attack/mitre_api_interface.py
deleted file mode 100644
index 48ecb7c9a..000000000
--- a/monkey/monkey_island/cc/services/attack/mitre_api_interface.py
+++ /dev/null
@@ -1,14 +0,0 @@
-class MitreApiInterface:
- @staticmethod
- def get_stix2_external_reference_id(stix2_data) -> str:
- for reference in stix2_data["external_references"]:
- if reference["source_name"] == "mitre-attack" and "external_id" in reference:
- return reference["external_id"]
- return ""
-
- @staticmethod
- def get_stix2_external_reference_url(stix2_data) -> str:
- for reference in stix2_data["external_references"]:
- if "url" in reference:
- return reference["url"]
- return ""