Class: ActiveStix::Phase

Inherits:
ApplicationRecord show all
Defined in:
app/models/active_stix/phase.rb

Constant Summary collapse

@@rank_map = 
{
    'initial-access' => 0,
    'execution' => 1,
    'persistence' => 2,
    'privilege-escalation' => 3,
    'defense-evasion' => 4,
    'credential-access' => 5,
    'discovery' => 6,
    'lateral-movement' => 7,
    'collection' => 8,
    'command-and-control' => 9,
    'exfiltration' => 10,
    'impact' => 11
}

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.ingest_json(obj) ⇒ Object 



21
22
23
24
25
 
# File 'app/models/active_stix/phase.rb', line 21

def self.ingest_json(obj)
  kill_chain = ActiveStix::KillChain.find_or_create_by(name: obj['kill_chain_name'])
  phase = kill_chain.phases.find_or_create_by(name: obj['phase_name'], rank:@@rank_map[obj['phase_name']])
  phase
end

Instance Method Details

#as_stixObject 



27
28
29
30
31
32
 
# File 'app/models/active_stix/phase.rb', line 27

def as_stix
  as_json(only: []).tap do |hash|
    hash["phase_name"] = name
    hash["kill_chain_name"] = kill_chain.name
  end
end

#convert_to_jsonObject 



34
35
36
37
38
39
 
# File 'app/models/active_stix/phase.rb', line 34

def convert_to_json
  {
      :kill_chain_name => kill_chain.convert_to_json,
      :phase_name => name
  }
end