feat(phase-24): integrate MITRE D3FEND defensive techniques with ATT&CK mapping (T-213, T-214)

2026-02-09 16:38:59 +01:00
parent 2fc0e2cafd
commit cd124b655b
12 changed files with 1141 additions and 4 deletions
--- a/frontend/src/api/d3fend.ts
+++ b/frontend/src/api/d3fend.ts
@@ -0,0 +1,56 @@
+import client from "./client";
+
+export interface DefensiveTechnique {
+  id: string;
+  d3fend_id: string;
+  name: string;
+  description: string | null;
+  tactic: string | null;
+  d3fend_url: string | null;
+}
+
+export interface DefensesForTechnique {
+  mitre_id: string;
+  technique_name: string;
+  defenses: DefensiveTechnique[];
+  total: number;
+}
+
+export interface D3FENDTactic {
+  tactic: string;
+  count: number;
+}
+
+export interface D3FENDImportResult {
+  techniques: { created: number; updated: number; total: number };
+  mappings: { created: number; skipped: number; total: number };
+}
+
+/** Fetch defenses for a specific ATT&CK technique. */
+export async function getDefensesForTechnique(mitreId: string): Promise<DefensesForTechnique> {
+  const { data } = await client.get<DefensesForTechnique>(`/d3fend/for-technique/${mitreId}`);
+  return data;
+}
+
+/** List all defensive techniques with optional filters. */
+export async function listDefensiveTechniques(params?: {
+  tactic?: string;
+  search?: string;
+  offset?: number;
+  limit?: number;
+}): Promise<{ total: number; items: DefensiveTechnique[] }> {
+  const { data } = await client.get("/d3fend", { params });
+  return data;
+}
+
+/** Get D3FEND tactic counts. */
+export async function getD3FENDTactics(): Promise<D3FENDTactic[]> {
+  const { data } = await client.get<D3FENDTactic[]>("/d3fend/tactics");
+  return data;
+}
+
+/** Trigger D3FEND import (admin only). */
+export async function triggerD3FENDImport(): Promise<D3FENDImportResult> {
+  const { data } = await client.post<D3FENDImportResult>("/d3fend/import");
+  return data;
+}
--- a/frontend/src/api/techniques.ts
+++ b/frontend/src/api/techniques.ts
@@ -1,5 +1,5 @@
 import client from "./client";
-import type { Technique, TechniqueStatus, Test, IntelItem } from "../types/models";
+import type { Technique, TechniqueStatus, Test, IntelItem, DefensiveTechnique } from "../types/models";

 /** Summary representation used in list endpoints. */
 export interface TechniqueSummary {
@@ -15,6 +15,7 @@ export interface TechniqueSummary {
 export interface TechniqueWithTests extends Technique {
  tests?: Test[];
  intel_items?: IntelItem[];
+  d3fend_defenses?: DefensiveTechnique[];
 }

 export interface TechniqueFilters {