diff --git a/galaxies/mitre-d3fend.json b/galaxies/mitre-d3fend.json
index eb31951b..301f74b5 100644
--- a/galaxies/mitre-d3fend.json
+++ b/galaxies/mitre-d3fend.json
@@ -2,17 +2,9 @@
 "description": "A knowledge graph of cybersecurity countermeasures.",
 "icon": "user-shield",
 "kill_chain_order": {
- "Model": [
- "Asset-Inventory",
- "Network-Mapping",
- "Operational-Activity-Mapping",
- "System-Mapping"
- ],
- "Harden": [
- "Application-Hardening",
- "Credential-Hardening",
- "Message-Hardening",
- "Platform-Hardening"
+ "Deceive": [
+ "Decoy-Environment",
+ "Decoy-Object"
 ],
 "Detect": [
 "File-Analysis",
@@ -23,19 +15,27 @@
 "Process-Analysis",
 "User-Behavior-Analysis"
 ],
- "Isolate": [
- "Execution-Isolation",
- "Network-Isolation"
- ],
- "Deceive": [
- "Decoy-Environment",
- "Decoy-Object"
- ],
 "Evict": [
 "Credential-Eviction",
 "File-Eviction",
 "Process-Eviction"
 ],
+ "Harden": [
+ "Application-Hardening",
+ "Credential-Hardening",
+ "Message-Hardening",
+ "Platform-Hardening"
+ ],
+ "Isolate": [
+ "Execution-Isolation",
+ "Network-Isolation"
+ ],
+ "Model": [
+ "Asset-Inventory",
+ "Network-Mapping",
+ "Operational-Activity-Mapping",
+ "System-Mapping"
+ ],
 "Restore": [
 "Restore-Access",
 "Restore-Object"
diff --git a/tools/gen_mitre_d3fend.py b/tools/gen_mitre_d3fend.py
index 845d1ca1..c3972127 100755
--- a/tools/gen_mitre_d3fend.py
+++ b/tools/gen_mitre_d3fend.py
@@ -248,8 +248,8 @@ json_cluster = {
 # save the Galaxy and Cluster file
 with open(os.path.join('..', 'galaxies', galaxy_fname), 'w') as f:
- # do not sort_keys as it would break the kill_chain_order
- json.dump(json_galaxy, f, indent=2, ensure_ascii=False)
+ # sort_keys, even if it breaks the kill_chain_order , but jq_all_the_things requires sorted keys
+ json.dump(json_galaxy, f, indent=2, sort_keys=True, ensure_ascii=False)
 f.write('\n') # only needed for the beauty and to be compliant with jq_all_the_things
 with open(os.path.join('..', 'clusters', galaxy_fname), 'w') as f:
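Review bot: `sort_keys=True` on the galaxy dump sorts every nested object too, so the tactic keys under `kill_chain_order` now come out alphabetically (Deceive, Detect, Evict, …) instead of in the Model, Harden, Detect, … order the file had before, as the regenerated mitre-d3fend.json in this commit shows. The new comment acknowledges this but is hard to read; I would state the trade-off plainly, e.g. `# sort_keys=True is required by jq_all_the_things; it also alphabetizes kill_chain_order, so the tactic order is lost`. If consumers of the galaxy rely on that order, it presumably has to be carried in something key sorting cannot reorder, which would be a format change outside this hunk. The `with open` block for the cluster file continues past the end of the hunk, so whether that dump is sorted the same way is not visible here.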