feat: repository initialization

CrowdStrike · Oct 17, 2023 · ba8ba27 · ba8ba27
1 parent 53310af
commit ba8ba27
Show file tree

Hide file tree

Showing 163 changed files with 64,479 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1 +1,6 @@
-.idea
+.idea
+node_modules
+.idea
+.DS_Store
+.vscode
+yarn-error.log
diff --git a/README.md b/README.md
@@ -5,4 +5,49 @@
 The Triage with MITRE Attack sample Foundry app is a community-driven, open source project which serves as an example of an app which can be built using CrowdStrike's Foundry ecosystem.
 `foundry-sample-mitre` is not a formal CrowdStrike project and is maintained by the open source developer community.
 
-TODO !!!
+# CrowdStrike Triage with MITRE ATT&CK
+
+This folder contains all the projects and the configuration for the `mitre` sample app (vue).
+In here you can find, **collections**, **ui** and the apps' `manifest.yml`.
+
+**collections** are used for some components inside the extension and main app, the projects are stored inside `ui`
+
+In `ui` you can find:
+
+- **extensions**: contains `remediations` app
+- **pages**: contains `chart-vue` which is the Mitre's chart page done with vue
+
+_while `remediations` and `chart-vue` are **vue projects**, all related with one another, it's **worth noticing** that you can add other projects with other technologies, completely un-related with the forementioned._
+
+## Development
+
+In order to be able to see (and develop) your local page/extension you just have to:
+
+1. Run `foundry ui run` in this directory
+2. The pages/extensions you're developing must have been built (_suggestion:_ use watchers for hot module reload).
+
+With the following, you should be able to start and develop all of the projects under `mitre`:
+
+1. Run `yarn`
+2. Run `yarn start`, this will run **type-checks** and `build-watch` for every project.
+3. Concurrently, run `foundry ui run`.
+4. now you are ready to test your changes with local code (remember to turn on "development mode"
+
+### If you are developing a page
+
+1. Search the page id id in the `manifest.yml`, copy it.
+2. Go to `foundry/page/{{page-id}}` (**note**: replace `{{page-id}}` with the copied one in step 5)
+3. be sure that the **development** mode is active, or you will be seeing the current "deployed" page
+
+### If you are developing an extension
+
+1. Go to the page where your extension is mounted.
+2. be sure that the **development** mode is active, or you will be seeing the current "deployed" extension
+
+## Hands-on projects
+
+You can find more about the specific projects and libraries with the following links:
+
+- [Mitre chart (vue)](./ui//pages/chart-vue/README.md)
+- [Auto remediation extension](./ui/extensions/remediations/README.md)
+- [Mitre's shared vue logic](./ui/shared/mitre-vue/README.md)
diff --git a/collections/mitre-auto-remediation-created-schema.json b/collections/mitre-auto-remediation-created-schema.json
@@ -0,0 +1,107 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://json-schema.org/examples/product.schema.json",
+  "title": "Mitre Auto Remediation Jira Issue",
+  "description": "A Mitre Auto Remediation Jira Issue Creation Log Collection",
+  "type": "object",
+  "x-cs-indexable-fields": [
+    {
+      "field": "/issueId",
+      "type": "string"
+    },
+    {
+      "field": "/issueKey",
+      "type": "string"
+    },
+    {
+      "field": "/detectionId",
+      "type": "string"
+    },
+    {
+      "field": "/creationDate",
+      "type": "string"
+    },
+    {
+      "field": "/notificationType",
+      "type": "string"
+    }
+  ],
+  "properties": {
+    "account": {
+      "description": "Jira Account Id",
+      "type": "string"
+    },
+    "priority": {
+      "description": "Jira Priority Id",
+      "type": "string"
+    },
+    "issueType": {
+      "description": "Jira Issue Type Id",
+      "type": "string"
+    },
+    "summary": {
+      "description": "Jira Summary",
+      "type": "string"
+    },
+    "description": {
+      "description": "Jira Description",
+      "type": "string"
+    },
+    "project": {
+      "description": "Jira Project",
+      "type": "string"
+    },
+    "labels": {
+      "description": "Labels for the auto remediation ticket",
+      "type": "array",
+      "items": {
+        "type": "string"
+      },
+      "minItems": 1,
+      "uniqueItems": true
+    },
+    "issueId": {
+      "description": "Created Issue ID",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "issueKey": {
+      "description": "Created Issue Key",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "issueLink": {
+      "description": "Created Issue API Link",
+      "type": "string"
+    },
+    "detectionId": {
+      "description": "Detection ID",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "creationDate": {
+      "description": "Creation Date",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "notificationType": {
+      "description": "Notification Type",
+      "type": "string",
+      "x-cs-indexable": true
+    }
+  },
+  "required": [
+    "account",
+    "priority",
+    "issueType",
+    "summary",
+    "project",
+    "labels",
+    "issueId",
+    "issueKey",
+    "issueLink",
+    "detectionId",
+    "creationDate",
+    "notificationType"
+  ]
+}
diff --git a/collections/mitre-auto-remediation-jira-schema.json b/collections/mitre-auto-remediation-jira-schema.json
@@ -0,0 +1,82 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://json-schema.org/examples/product.schema.json",
+  "title": "Mitre Auto Remediation Jira Config",
+  "description": "A Mitre Auto Remediation Jira Configuration Collection",
+  "type": "object",
+  "x-cs-indexable-fields": [
+    {
+      "field": "/account",
+      "type": "string"
+    },
+    {
+      "field": "/priority",
+      "type": "string"
+    },
+    {
+      "field": "/issueType",
+      "type": "string"
+    },
+    {
+      "field": "/summary",
+      "type": "string"
+    },
+    {
+      "field": "/description",
+      "type": "string"
+    },
+    {
+      "field": "/project",
+      "type": "string"
+    }
+  ],
+  "properties": {
+    "account": {
+      "description": "Jira Account Id",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "priority": {
+      "description": "Jira Priority Id",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "issueType": {
+      "description": "Jira Issue Type Id",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "summary": {
+      "description": "Jira Summary",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "description": {
+      "description": "Jira Description",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "project": {
+      "description": "Jira Project",
+      "type": "string",
+      "x-cs-indexable": true
+    },
+    "labels": {
+      "description": "Labels for the auto remediation ticket",
+      "type": "array",
+      "items": {
+        "type": "string"
+      },
+      "minItems": 1,
+      "uniqueItems": true
+    }
+  },
+  "required": [
+    "account",
+    "priority",
+    "issueType",
+    "summary",
+    "project",
+    "labels"
+  ]
+}
diff --git a/manifest.yml b/manifest.yml
@@ -0,0 +1,128 @@
+name: Triage with MITRE ATTACK
+description: A sample app to demonstrate Mitre Triage and auto remediation features made in Vue.
+logo: ""
+manifest_version: "2023-05-09"
+ignored:
+    - CITATION.cff
+    - CODE_OF_CONDUCT.md
+    - LICENSE
+    - SECURITY.md
+    - SUPPORT.md
+    - docs
+    - shared
+    - node_modules
+    - yarn.lock
+    - package.json
+    - ui/node_modules
+    - ui/shared/node_modules
+    - ui/(extensions|pages)/[^\/]*?/public
+    - ui/(extensions|pages)/[^\/]*?/index.html
+    - ui/(extensions|pages)/[^\/]*?/favicon.ico
+    - ui/(extensions|pages)/.*?/node_modules
+    - ui/(extensions|pages)/.*?/config
+    - ui/(extensions|pages)/.*?/src
+    - ui/(extensions|pages)/.*?/\.gitignore
+    - ui/(extensions|pages)/.*?/package\.json
+    - ui/(extensions|pages)/.*?/tsconfig\.json
+    - ui/(extensions|pages)/.*?/tsconfig\..*\.json
+    - ui/(extensions|pages)/.*?/.*?\.(md|log|lock|cjs)
+    - ui/(extensions|pages)/.*?/*\.ts
+    - ui/(extensions|pages)/*\.gz
+ui:
+    homepage: pages.mitre-vue
+    extensions:
+        - name: Triage App
+          description: MITRE Auto Remediation
+          path: ui/extensions/remediations/dist
+          entrypoint: ui/extensions/remediations/dist/index.html
+          sockets:
+            - activity.detections.details
+            - crowdscore.incidents.details
+          content_security_policy:
+            connect-src:
+                - self
+                - 'data:'
+                - https://cdn.jsdelivr.net
+            style-src:
+                - https://cdn.jsdelivr.net
+            style-src-elem: []
+            script-src:
+                - https://cdn.jsdelivr.net
+            form-action: []
+            img-src:
+                - https://cdn.jsdelivr.net
+                - self
+                - 'data:'
+            media-src: []
+            object-src: []
+          permissions: []
+    pages:
+        mitre-vue:
+            name: mitre-vue
+            description: MITRE App
+            path: ui/pages/chart-vue/dist
+            entrypoint: ui/pages/chart-vue/dist/index.html
+            content_security_policy:
+                connect-src:
+                    - self
+                    - 'data:'
+                    - https://cdn.jsdelivr.net
+                style-src:
+                    - https://cdn.jsdelivr.net
+                style-src-elem: []
+                script-src:
+                    - https://cdn.jsdelivr.net
+                form-action: []
+                img-src:
+                    - https://cdn.jsdelivr.net
+                    - self
+                    - 'data:'
+                media-src: []
+                object-src: []
+            permissions: []
+    dashboards: {}
+    navigation:
+        - path: /
+          name: Mitre Chart
+          permissions: []
+          ref: pages.mitre-vue
+        - path: /wizard
+          name: Mitre - Configure Actions Wizard
+          permissions: []
+          ref: pages.mitre-vue
+        - path: /notify-it
+          name: Mitre - Configure Notify IT Action
+          permissions: []
+          ref: pages.mitre-vue
+        - path: /notify-ir
+          name: Mitre - Configure Notify IR Action
+          permissions: []
+          ref: pages.mitre-vue
+api_integrations: []
+rtr_scripts: []
+collections:
+    - name: mitreAutoRemediationJira
+      description: Auto remediation Jira Config Collection.
+      schema: collections/mitre-auto-remediation-jira-schema.json
+      permissions: []
+      workflow_integration: null
+    - name: mitreAutoRemediationCreatedIssues
+      description: Auto remediation Created Issues history Collection.
+      schema: collections/mitre-auto-remediation-created-schema.json
+      permissions: []
+      workflow_integration: null
+auth:
+    scopes:
+        - alerts:read
+        - detects:read
+        - custom-storage:write
+        - custom-storage:read
+        - api-integrations:read
+        - api-integrations:write
+    permissions: {}
+    roles: []
+functions: []
+workflows: []
+logscale:
+    saved_searches: []
+    views: []