Wikidata:Property proposal/Mitre ATT&CK ID

From Wikidata
Jump to navigation Jump to search

Mitre ATT&CK ID[edit]

Originally proposed at Wikidata:Property proposal/Authority control

Descriptionidentity for an item in the Mitre ATT&CK knowledge base
RepresentsMitre ATT&CK (Q104434300)
Data typeExternal identifier
Domainprimarily software (Q7397) and threat actor (Q28402245)
Allowed valuesgroups/G#### OR software/S#### OR techniques/T#### OR tactics/TA#### (techniques also use T####.###)
Example 1Fancy Bear (Q20757678)groups/G0007
Example 2Equation Group (Q19294807)groups/G0020
Example 3Gh0st RAT (Q5557127)software/S0032
Example 4Poison Ivy (Q10635795)software/S0012
Example 5brute-force attack (Q869370)techniques/T1110
Example 6privilege escalation (Q1856893)tactics/TA0029
External linksUse in sister projects: [ar][de][en][es][fr][he][it][ja][ko][nl][pl][pt][ru][sv][vi][zh][commons][species][wd][en.wikt][fr.wikt].
Planned uselinking threat actors and software to their entries in the Mitre knowledge base
Expected completenessalways incomplete (Q21873886)
Formatter URLhttps://attack.mitre.org/$1/

Motivation[edit]

The Mitre ATT&CK knowledge base is a catalog of threat actors, malware and tactics/techniques. We have items for many hacker groups/advanced persistent threats that correspond to the groups section of the knowledge base. We also have items for some of the malware listed there. We don't have the level of granularity of Mitre when it comes to techniques, but there are many items that have corresponding database entries. All of the ID formats are documented on github. gobonobo + c 04:57, 23 December 2020 (UTC)[reply]

Discussion[edit]

@Gobonobo, ArthurPSmith, YULdigitalpreservation, Hannes Röst: ✓ Done Mitre ATT&CK ID (P9025)Eihel (talk) 13:27, 5 January 2021 (UTC)[reply]
nb. The links on the identifiers will be available in 24 to 48 hours

Retrieved from "https://www.wikidata.org/w/index.php?title=Wikidata:Property_proposal/Mitre_ATT%26CK_ID&oldid=1335301232"