Adrian Medina

I'm happy to help with the integration if this looks like it could improve automation in the future w/quality assurance. https://github.com/edmcouncil/rdf-toolkit https://github.com/edmcouncil/rdf-toolkit/tree/develop/RefactorRDF Also linking to some tests from [FIBO](https://github.com/edmcouncil/fibo) and...

ATT&CK technique tactics should be kept in sync with the ATT&CK release

1

In older versions of ATT&CK, techniques like [T1216](https://attack.mitre.org/versions/v6/techniques/T1216/) and [T1218](https://attack.mitre.org/versions/v6/techniques/T1218/) were classified under both "defense evasion" and "execution", but since ATT&CK 7.0-15.0 they have been classified under "defense evasion" (e.g...

Add relation that T1021 depends on T1078 (#292)

1

fixes #292

* Add rdfs:seeAlso link from d3f:T1087 to d3f:T1136 * Change the T1087 :creates restrictions to :enumerates * Move the T1087 :creates restrictions to the proper T1136 subtechniques fixes #293

My perspective is that since all of the [T1021](https://attack.mitre.org/techniques/T1021/) techniques use valid accounts ([T1078](https://attack.mitre.org/techniques/T1078/)) to actually perform lateral movement, there should be some kind of semantic relation from T1021 and...

[T1087.001](https://attack.mitre.org/techniques/T1087/001/), [T1087.002](https://attack.mitre.org/techniques/T1087/002/), and [T1087.004](https://attack.mitre.org/techniques/T1087/004/) are inferred to be Persistence and Privilege Escalation techniques through [T1136](https://attack.mitre.org/techniques/T1136/) and I propose classifying them under T1087 with a rdfs:seeAlso to T1136.