Get MITRE technique details - Cotool Documentation

cURL

curl --request GET \
  --url https://app.cotool.ai/api/mitre/techniques/{techniqueId} \
  --header 'Authorization: Bearer <token>'

{
  "technique": {
    "techniqueId": "<string>",
    "techniqueName": "<string>",
    "description": "<string>",
    "tactics": [
      "<string>"
    ],
    "isSubtechnique": true,
    "parentTechnique": "<string>",
    "platforms": [
      "<string>"
    ],
    "dataSources": [
      "<string>"
    ],
    "mitigations": [
      "<string>"
    ],
    "url": "<string>",
    "detectionCount": 123,
    "confidence": 0.5,
    "detectionRules": [
      {
        "id": "<string>",
        "name": "<string>",
        "source": "panther",
        "confidence": 0.5,
        "reasoning": "<string>"
      }
    ],
    "rawData": {
      "id": "<string>",
      "type": "attack-pattern",
      "name": "<string>",
      "description": "<string>",
      "external_references": [
        {
          "source_name": "<string>",
          "external_id": "<string>",
          "url": "<string>",
          "description": "<string>"
        }
      ],
      "kill_chain_phases": [
        {
          "kill_chain_name": "<string>",
          "phase_name": "<string>"
        }
      ],
      "x_mitre_version": "<string>",
      "x_mitre_attack_spec_version": "<string>",
      "x_mitre_domains": [
        "<string>"
      ],
      "x_mitre_is_subtechnique": true,
      "x_mitre_detection": "<string>",
      "x_mitre_platforms": [
        "<string>"
      ],
      "x_mitre_data_sources": [
        "<string>"
      ],
      "aliases": [
        "<string>"
      ],
      "created": "<string>",
      "modified": "<string>",
      "spec_version": "<string>",
      "object_marking_refs": [
        "<string>"
      ],
      "revoked": true,
      "x_mitre_deprecated": true
    }
  }
}

GET

api

mitre

techniques

{techniqueId}

cURL

curl --request GET \
  --url https://app.cotool.ai/api/mitre/techniques/{techniqueId} \
  --header 'Authorization: Bearer <token>'

{
  "technique": {
    "techniqueId": "<string>",
    "techniqueName": "<string>",
    "description": "<string>",
    "tactics": [
      "<string>"
    ],
    "isSubtechnique": true,
    "parentTechnique": "<string>",
    "platforms": [
      "<string>"
    ],
    "dataSources": [
      "<string>"
    ],
    "mitigations": [
      "<string>"
    ],
    "url": "<string>",
    "detectionCount": 123,
    "confidence": 0.5,
    "detectionRules": [
      {
        "id": "<string>",
        "name": "<string>",
        "source": "panther",
        "confidence": 0.5,
        "reasoning": "<string>"
      }
    ],
    "rawData": {
      "id": "<string>",
      "type": "attack-pattern",
      "name": "<string>",
      "description": "<string>",
      "external_references": [
        {
          "source_name": "<string>",
          "external_id": "<string>",
          "url": "<string>",
          "description": "<string>"
        }
      ],
      "kill_chain_phases": [
        {
          "kill_chain_name": "<string>",
          "phase_name": "<string>"
        }
      ],
      "x_mitre_version": "<string>",
      "x_mitre_attack_spec_version": "<string>",
      "x_mitre_domains": [
        "<string>"
      ],
      "x_mitre_is_subtechnique": true,
      "x_mitre_detection": "<string>",
      "x_mitre_platforms": [
        "<string>"
      ],
      "x_mitre_data_sources": [
        "<string>"
      ],
      "aliases": [
        "<string>"
      ],
      "created": "<string>",
      "modified": "<string>",
      "spec_version": "<string>",
      "object_marking_refs": [
        "<string>"
      ],
      "revoked": true,
      "x_mitre_deprecated": true
    }
  }
}

Authorizations

Authorization

string

header

required

API Key authentication for programmatic access. Include your API key in the Authorization header as: Bearer your_api_key_here

Path Parameters

techniqueId

string

required

The MITRE technique ID to retrieve details for

Response

200 - application/json

Successful response

technique

object

required

Detailed technique information

Show child attributes

Get MITRE ATT&CK matrix with detection coverage

List Orca alert groups

⌘I

Endpoints

Authorizations

Path Parameters

Response