diff --git a/pycti/entities/opencti_identity.py b/pycti/entities/opencti_identity.py index 12f7ae6d0..09abd1956 100644 --- a/pycti/entities/opencti_identity.py +++ b/pycti/entities/opencti_identity.py @@ -57,6 +57,9 @@ def __init__(self, opencti): x_opencti_firstname x_opencti_lastname } + ... on SecurityPlatform { + security_platform_type + } } objectMarking { id @@ -113,6 +116,9 @@ def __init__(self, opencti): x_opencti_organization_type x_opencti_score } + ... on SecurityPlatform { + security_platform_type + } """ self.properties_with_files = """ id @@ -160,6 +166,9 @@ def __init__(self, opencti): x_opencti_firstname x_opencti_lastname } + ... on SecurityPlatform { + security_platform_type + } } objectMarking { id @@ -229,6 +238,9 @@ def __init__(self, opencti): x_opencti_organization_type x_opencti_score } + ... on SecurityPlatform { + security_platform_type + } importFiles { edges { node { @@ -414,6 +426,7 @@ def create(self, **kwargs): contact_information = kwargs.get("contact_information", None) roles = kwargs.get("roles", None) x_opencti_aliases = kwargs.get("x_opencti_aliases", None) + security_platform_type = kwargs.get("security_platform_type", None) x_opencti_organization_type = kwargs.get("x_opencti_organization_type", None) x_opencti_reliability = kwargs.get("x_opencti_reliability", None) x_opencti_score = kwargs.get("x_opencti_score", None) @@ -463,6 +476,24 @@ def create(self, **kwargs): input_variables["x_opencti_reliability"] = x_opencti_reliability input_variables["x_opencti_score"] = x_opencti_score result_data_field = "organizationAdd" + elif type == IdentityTypes.SECURITYPLATFORM.value: + query = """ + mutation SecurityPlatformAdd($input: SecurityPlatformAddInput!) { + securityPlatformAdd(input: $input) { + id + standard_id + entity_type + parent_types + } + } + """ + input_variables["security_platform_type"] = security_platform_type + # no need for these attributes for security platform + del input_variables["contact_information"] + del input_variables["lang"] + del input_variables["roles"] + del input_variables["x_opencti_aliases"] + result_data_field = "securityPlatformAdd" elif type == IdentityTypes.INDIVIDUAL.value: query = """ mutation IndividualAdd($input: IndividualAddInput!) { @@ -542,6 +573,8 @@ def import_from_stix2(self, **kwargs): type = "Sector" elif stix_object["identity_class"] == "system": type = "System" + elif stix_object["identity_class"] == "securityplatform": + type = "SecurityPlatform" # Search in extensions if "x_opencti_aliases" not in stix_object: @@ -554,6 +587,12 @@ def import_from_stix2(self, **kwargs): "organization_type", stix_object ) ) + if "security_platform_type" not in stix_object: + stix_object["security_platform_type"] = ( + self.opencti.get_attribute_in_extension( + "security_platform_type", stix_object + ) + ) if "x_opencti_reliability" not in stix_object: stix_object["x_opencti_reliability"] = ( self.opencti.get_attribute_in_extension("reliability", stix_object) @@ -635,6 +674,11 @@ def import_from_stix2(self, **kwargs): if "x_opencti_organization_type" in stix_object else None ), + security_platform_type=( + stix_object["security_platform_type"] + if "security_platform_type" in stix_object + else None + ), x_opencti_reliability=( stix_object["x_opencti_reliability"] if "x_opencti_reliability" in stix_object diff --git a/pycti/utils/constants.py b/pycti/utils/constants.py index 642d0a69d..85d36e05d 100644 --- a/pycti/utils/constants.py +++ b/pycti/utils/constants.py @@ -58,6 +58,7 @@ class IdentityTypes(Enum): ORGANIZATION = "Organization" INDIVIDUAL = "Individual" SYSTEM = "System" + SECURITYPLATFORM = "SecurityPlatform" @classmethod def has_value(cls, value):