0.5.4 - MITRE ATT&CK TAXII 2.1 Support and Documentation Updates

This release marks the transition to full support for the MITRE ATT&CK TAXII 2.1 API and includes updates to documentation and tools.

Foundation for TAXII 2.1 Support

As announced in MITRE ATT&CK’s roadmap, the TAXII 2.0 server has been retired as of December 18, 2024. To ensure compatibility with the new TAXII 2.1 server, we have incorporated the following updates:

• Base URL: https://attack-taxii.mitre.org
• API Root Path: /api/v21/
• Adjustments to collection numbers for each matrix, ensuring alignment with the latest MITRE ATT&CK structures.

Impact

This release ensures:

• Full compatibility with the new MITRE ATT&CK TAXII 2.1 server.
• Up-to-date and accurate documentation examples for users.
• Improved workflows for exporting data to the MITRE ATT&CK Navigator.

What's Changed

• Updated all notebooks that do not export files by @Cyb3rWard0g in #86
• Update to STIX 2.1 by @legoguy1000 in #88
• Update Jupyter Notebooks and Enhance Navigator Export Function by @Cyb3rWard0g in #89

New Contributors

• @legoguy1000 made their first contribution in #88

Full Changelog: 0.4.4...0.5.4

May 2024 - Version 0.4.4

What's Changed

• Changelog 0.4.2 by @Cyb3rWard0g in #82
• STIX Utils and Attack Client with Local STIX Data by @Cyb3rWard0g in #85

Full Changelog: 0.4.2...0.4.4

April 2024 - Version 0.4.2

What's Changed

• updated CHANGELOG and setup version by @Cyb3rWard0g in #78
• Update requirements.txt to include pydantic by @thelok in #79
• Fix a bug where all groups/campaigns are returned from case insensitive search of get_group_by_alias/get_campaign_by_alias by @thelok in #80
• V0.4.2 Updated Package Requirements, Annotations, Docstrings and Models by @Cyb3rWard0g in #81

Full Changelog: 0.4.1...0.4.2

April 2024 - Version 0.4.1

What's Changed

• Update Dockerfile by @halcyondream in #69
• use COMPOSITE_DS instead of TC_ENTERPRISE_SOURCE in generic functions by @rubinatorz in #66
• Adding proxies and verify parameters for TAXII Client by @thelok in #73
• Improve STIX Object Handling and Documentation with Pydantic and Type Annotations by @Cyb3rWard0g in #75
• Removed double query method from COMPOSITE_DS.query, fix #67 by @Cyb3rWard0g in #76
• Updated Type Annotations and Docstrings by @Cyb3rWard0g in #77

New Contributors

• @halcyondream made their first contribution in #69
• @thelok made their first contribution in #73

Full Changelog: 0.4.0...0.4.1

May 2023 - Version 0.4.0

What's Changed

• Added support for Mobile data sources/components by @rubinatorz in #65

Full Changelog: 0.3.9...0.4.0

April 2023 - Version 0.3.9

Full Changelog

Merged pull requests:

• Added ICS campaigns and some ICS fixes #64 (rubinatorz)

November 2022 - Version 0.3.8

Full Changelog

Implemented enhancements:

• Should PRE-attack be removed? #59

Merged pull requests:

• Add support for campaings entity added in MITRE v12 #62 (dadokkio)
• added include_pre_attack parameter to attack_client constructor #61 (rubinatorz)

July 2022 - Version 0.3.7

Full Changelog: 0.3.6...0.3.7

Closed issues:

attack_client not workning (Err_connection) #58
Bug: enrich_data_sources is not working #57

January 2022 - Version 0.3.6

Full Changelog

Implemented enhancements:

• Removed Try Except features and set module to directly use CompositeDataSource queries #52
• Updated SANS CTI Summit 2022 Notebook #51
• Remove 'Pre' from get_stix_objects() function #49
• Update Navigator version in export_groups_navigator_layers() function to 4.5.5 #48
• Update Jupyterbook config and toc file #47
• Update Docs: Jupyter Notebooks explaining most of the functions available in the library #44
• specify and update README.md file and requirements section #28
• New parameters and Functions #41 (Cyb3rPandaH)

Fixed bugs:

• Remove function 'remove_revoked()' from available functions #46
• Data sources enrichment function removes data sources metadata from techniques that do not have 'detects` relationships #45
• Rename enrich_data_source function to enrich_techniques_data_sources in get_enterprise_techniques #42
• get_software_used_by_group returns all tools for groups with no actual tools/ software #27

Merged pull requests:

• SANS CTI Summit 2022 Notebook (Spanish) #50 (Cyb3rPandaH)
• Update attack_api.py #40 (Cyb3rPandaH)
• updated enterprise pre mobile and ics main functions and revoked and deprecated functions #39 (Cyb3rWard0g)
• added data sources function and field mappings #38 (Cyb3rWard0g)
• Add x-mitre-data-component #37 (ZikyHD)
• Update CONTRIBUTING.md #31 (thegautamkumarjaiswal)
• Feature Add and Update #26 (thegautamkumarjaiswal)
• Update for add proxy #10 (charly837)

Version 0.3.4.4 - Hot Fix

Fixed #27