Generate Updated ATT&CK Heatmap #11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate Updated ATT&CK Heatmap | |
| on: | |
| schedule: | |
| - cron: "0 0 1 * *" | |
| workflow_dispatch: | |
| jobs: | |
| generate-heatmap: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v5 | |
| with: | |
| submodules: true | |
| - name: Install Sigma | |
| run: pipx install sigma-cli | |
| - name: Update Heatmap | |
| run: sigma analyze attack count --min-score 0 --max-score 20 --min-color '#66b1ffff' --max-color '#ff66f4ff' ./other/sigma_attack_nav_coverage.json rule* | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v7 | |
| with: | |
| reviewers: nasbench, frack113, phantinuss | |
| delete-branch: true | |
| commit-message: 'chore: update ATT&CK heatmap' | |
| branch: 'create-pull-request/update-heatmap' | |
| title: 'Update ATT&CK Heatmap Coverage' | |
| body: | | |
| ### Summary of the Pull Request | |
| This PR updates sigma_attack_nav_coverage.json to reflect the current rule coverage. | |
| To generate a new SVG file, go to the [MITRE ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https://raw.githubusercontent.com/SigmaHQ/sigma/master/other/sigma_attack_nav_coverage.json) and export a SVG via "Layer Controls" > "Export" (download icon) > "render layer to SVG". | |
| ### Changelog | |
| chore: update ATT&CK heatmap | |
| ### Example Log Event | |
| N/A | |
| ### Fixed Issues | |
| N/A | |
| ### SigmaHQ Rule Creation Conventions | |
| - If your PR adds new rules, please consider following and applying these [conventions](https://github.com/SigmaHQ/sigma-specification/blob/main/sigmahq/sigmahq_conventions.md) |