Get a list of MITRE Attack Defenses.

get

https://cti.example.com/api/v2/attack-defenses

Required permissions

read attack

Query Params

limit

int32

≥ 1

Maximum number of items to be returned

offset

int32

≥ 0

Return results starting from the specified (zero-based) index

sort

string

Comma-separated list of fields to sort on. Prefix a field with the minus "-" sign if you intend to apply descending sorting to it

data

boolean

Set this parameter to false if you want to only retrieve the number of objects matching the query

attributes

string

Comma-separated list of attributes to be returned. Nested attributes are separated by dots - e.g. data.title

filter[id]

string

Filter by ID

filter[type]

string

Filter by type: analytic, data-component, detection-strategy, mitigation

filter[name]

string

Filter by name

filter[matrix]

string

Filter by matrix: DISARM, enterprise-attack, ics-attack, mobile-attack

filter[related_techniques]

string

Filter objects being directly related to a certain ATTACK technique id. This filter is not having an effect on data-source as those objects are related to techniques through data-component objects.

filter[source_defenses]

string

Filter objects being referenced by a certain ATTACK defense id. For a detection-strategy id the related analytic objects are returned while for an analytic id, the related data-component are returned. example: [DET0103, AN0286]

Responses

Language

Credentials

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

200The requested object(s)

401Unauthorized request

403Missing permissions