Report Export Templates
API Documentation
PlexTrac.com

RunbooksDB Home Page

The RunbooksDB home page consists of five tabs:

  • Repositories: A set of processes that can be reused and have controlled access.

  • Procedures: A set of steps required to execute a tactic. For example, a procedure for browser extension-based persistence could describe how a malicious extension is injected to maintain persistence.

  • Techniques: A grouping of procedures. Techniques are added to a tactic for use in an engagement. For example, if a tactic is persistence, a technique could exist for browser extensions.

  • Tactics: A grouping of techniques. Tactics are added to a methodology for use in a runbook. This usually represents a type of attack, such as persistence or a privilege escalation from the MITRE ATT&CK framework. This can also be a logical grouping or structure for techniques.

  • Methodologies: A grouping of tactics that are put into a runbook. It contains a title, ID, description, and the series of tactics selected. Tactics can be chosen to apply to the methodology when used as a runbook. This is similar to how the MITRE ATT&CK is broken down, where the methodology represents the framework for TTPs.

Repositories Tab

PlexTrac provides a container for all instances called "PlexTrac Curated" that contains community-produced procedures on MITRE/CTI.

This repository contains over 1100 MITRE procedures from the ATT&CK matrix that can be leveraged. This repository is available to all users and cannot be deleted.

Once a test plan is imported, another repository called "Import" is created, which contains all procedures that were part of imported test plans.

The default repositories cannot be deleted.

Once added, any additional repositories will be displayed on the page alphabetically according to their title.

Each repository card provides the following information:

  1. Repository Title

  2. Repository Type: Open, Managed, or Private

  3. Meatballs Menu: options to copy or delete the repository

  4. Repository Description

  5. Number of contained procedures

  6. Number of added users

Procedures Tab

To view all procedures, click the Procedures tab. This view will display useful information such as the procedure ID, repository ID, methodology, repository, source, assigned tags, and the ability to edit or delete a procedure.

Techniques Tab

To view all techniques, click the Techniques tab. This view will display useful information such as the title, ID, leveraged tactics, and the ability to edit or delete.

Tactics Tab

To view all tactics, click the Tactics tab. This view will display useful information such as the title, ID, leveraged methodology, and the ability to edit or delete.

Methodologies Tab

To view all methodologies, click the Methodologies tab. This view will display useful information such as the title, ID, and the ability to edit or delete.

PreviousRunbooksDBNextManaging Repositories

Last updated

Resources

Privacy PolicyTerms of UseVulnerability Policy

© 2024 PlexTrac, Inc. All rights reserved.