Travis build status CRAN status

mitre package is designed to provide easy access to cybersecurity data standards. You can expect functions to get data frames for every standard object. It provide a directed graph with all relationships for deep exploratory analysis. You could avoid full parsing process using the latest public Rdata sets.


You can install the released version of mitre from CRAN with:


And the development version from GitHub with:

# install.packages("devtools")

Basic usage

This is a basic example which shows you how to view shield tactics ids and names:

mitredata <- mitre::getLatestDataSet()
shield <- mitredata$standards$shield
shield$tactics[, c("id", "name")]
#>        id       name
#> 1 DTA0001    Channel
#> 2 DTA0002    Collect
#> 3 DTA0003    Contain
#> 4 DTA0004     Detect
#> 5 DTA0005    Disrupt
#> 6 DTA0006 Facilitate
#> 7 DTA0007 Legitimize
#> 8 DTA0008       Test

This example shows the number of ATT&CK Techniques by domain:

#> enterprise-attack        ics-attack     mobile-attack        pre-attack 
#>               670                81               104               174

Network visualization

This is a example which shows you how to visualize shield network:

# library(visNetwork)
# g <- visNetwork::visNetwork(nodes = shield$shieldnet$nodes,
#                             edges = shield$shieldnet$edges)
# g

Shield network zoom in Find some more examples in vignettes to build your own graph like this.

Advanced exploratory analysis

Check this proof of concept project. It is a Rmarkdown document performing an exploratory analysis with mitre network and this data set.

Check how useful could be for cybersecurity analytics in this project and its code.

Code of conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.