What is Elemental?

2025-01-24 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article explains in detail what Elemental is. The editor finds it very practical and shares it here as a reference; hopefully you will get something out of it.

Elemental

Elemental is a centralized threat library of MITRE ATT&CK techniques. The platform is based on Python and includes MITRE ATT&CK techniques, Atomic Red Team tests and more than 280 Sigma rules. Elemental provides an alternative way to explore, study and analyze the ATT&CK dataset, and helps researchers map the relevant Atomic Red Team tests and Sigma rules to their corresponding techniques. It also lets security researchers create custom MITRE ATT&CK techniques and upload Sigma rules. The ATT&CK dataset is collected through the Python client, Atomic Red Team tests are imported from the Atomic Red Team GitHub repository, and Sigma rules (those containing ATT&CK tags) are imported from Sigma's GitHub rule set.
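The mapping described above, as an added example (not Elemental's own code): it pulls ATT&CK technique IDs out of Sigma `tags` and the Atomic Red Team `attack_technique` field, then indexes both by technique. The rule texts, file names and function names are constructed for illustration, and a regex scan of the file text stands in for a full YAML parser.

```python
import re
from collections import defaultdict

# Constructed sample inputs (not copied from the Sigma or Atomic Red Team repositories).
SIGMA_RULES = {
    "ps_encoded.yml": """title: Encoded PowerShell Command Line
tags:
    - attack.execution
    - attack.t1059.001
    - attack.T1027
""",
    "lsass_dump.yml": """title: LSASS Memory Dump
tags: [attack.credential_access, attack.t1003.001]
""",
    "tactic_only.yml": """title: Rule Without Technique Tags
tags:
    - attack.persistence
""",
}
ATOMIC_TESTS = {"T1059.001.yaml": "attack_technique: T1059.001\ndisplay_name: PowerShell\n"}

# Matches attack.t1059 or attack.t1059.001; tactic tags such as attack.execution do not match.
TECH_TAG = re.compile(r"\battack\.(t\d{4}(?:\.\d{3})?)\b", re.IGNORECASE)
TITLE = re.compile(r"^title:\s*(.+)$", re.MULTILINE)
ATOMIC = re.compile(r"^attack_technique:\s*(T\d{4}(?:\.\d{3})?)\s*$", re.MULTILINE)

def sigma_techniques(text):
    """Return the sorted, upper-cased ATT&CK technique IDs tagged in one Sigma rule."""
    return sorted({m.upper() for m in TECH_TAG.findall(text)})

def build_index(sigma_rules, atomic_tests):
    """Map technique ID -> {'sigma': [rule titles], 'atomic': [test files]}."""
    index = defaultdict(lambda: {"sigma": [], "atomic": []})
    unmapped = []  # rules that carry no technique tag and so cannot be linked
    for name, text in sigma_rules.items():
        title = TITLE.search(text)
        label = title.group(1).strip() if title else name
        techs = sigma_techniques(text)
        if not techs:
            unmapped.append(label)
        for tech in techs:
            index[tech]["sigma"].append(label)
    for name, text in atomic_tests.items():
        m = ATOMIC.search(text)
        if m:
            index[m.group(1)]["atomic"].append(name)
    return dict(index), unmapped
```

Techniques whose `atomic` list is empty have detection rules but no test to validate them, and the `unmapped` list shows rules that cannot be placed on the matrix at all.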

This platform is considered a milestone in the Master of Information and Cyber Security Program at the University of California, Berkeley, and we look forward to community feedback on new ideas and improvements.

The current version of the Elemental instance is only a pilot project and has not been configured for use in a production environment. For more information, see the Django documentation for the production server configuration items.

Features

1. View ATT&CK technique information

2. View Atomic Red Team tests in Markdown and YAML

3. View Sigma rules in YAML

4. Add new ATT&CK techniques (currently only possible through the Django admin panel)

5. Upload new Sigma rules (currently only possible through the Django admin panel)

Tool download & installation

Researchers can download and install the Elemental platform and complete the configuration of dependent components using the following commands:

git clone https://github.com/Elemental-attack/Elemental.git
cd Elemental/elemental
pip install -r requirements.txt
python manage.py runserver

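The default login credentials for the Django admin panel are as follows:

User: elemental | Password: berkelium

Because these credentials are public defaults, change them before the instance is reachable by anyone else.

Screenshots of the project running (images not included): main Elemental view, technique information view, Atomic information view, Sigma rule view.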
