
Commit 64a5b03

committed
[Security Solution][Detection Rules] Adds a catch-all display tag for Mitre descriptions (#87240)
1 parent 37017f1 commit 64a5b03

2 files changed

Lines changed: 18 additions & 6 deletions


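--- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx
@@ -212,7 +212,9 @@ describe('helpers', () => {
 });
 const wrapper = shallow<React.ReactElement>(result[0].description as React.ReactElement);
 expect(result[0].title).toEqual('Mitre Attack');
-expect(wrapper.find('[data-test-subj="threatTacticLink"]').text()).toEqual('');
+expect(wrapper.find('[data-test-subj="threatTacticLink"]').text()).toEqual(
+'Collection (TA000999)'
+);
 expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual(
 'Audio Capture (T1123)'
 );
@@ -234,7 +236,9 @@ describe('helpers', () => {
 expect(wrapper.find('[data-test-subj="threatTacticLink"]').text()).toEqual(
 'Collection (TA0009)'
 );
-expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual('');
+expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual(
+'Audio Capture (T1123456)'
+);
 });
 
 test('returns empty technique link if no corresponding subtechnique id found', () => {
@@ -265,7 +269,9 @@ describe('helpers', () => {
 expect(wrapper.find('[data-test-subj="threatTechniqueLink"]').text()).toEqual(
 'Audio Capture (T1123)'
 );
-expect(wrapper.find('[data-test-subj="threatSubtechniqueLink"]').text()).toEqual('');
+expect(wrapper.find('[data-test-subj="threatSubtechniqueLink"]').text()).toEqual(
+'Audio Capture Data (T1123.000123)'
+);
 });
 
 test('returns with corresponding tactic, technique, and subtechnique link text', () => {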
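Review bot: The test titles no longer describe what is asserted: the case opened at new line 244, `returns empty technique link if no corresponding subtechnique id found`, appears to be the one that now expects `'Audio Capture Data (T1123.000123)'` in the third hunk, and the two earlier cases (titles outside the hunks) presumably still say "returns empty …" as well. Rename them to state the new contract, for example `test('falls back to the rule-supplied subtechnique name and id when the id is unknown', () => {`. The three cases check only the link text; an added assertion on the rendered `href` for these unknown-id fixtures would pin where the fallback link points, which matters more now that it is visible. The bodies of all three tests start outside the visible hunks.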

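--- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.tsx
@@ -151,7 +151,9 @@ export const buildThreatDescription = ({ label, threat }: BuildThreatDescription
 href={singleThreat.tactic.reference}
 target="_blank"
 >
-{tactic != null ? tactic.text : ''}
+{tactic != null
+? tactic.text
+: `${singleThreat.tactic.name} (${singleThreat.tactic.id})`}
 </EuiLink>
 <EuiFlexGroup gutterSize="none" alignItems="flexStart" direction="column">
 {singleThreat.technique.map((technique, techniqueIndex) => {
@@ -165,7 +167,9 @@ export const buildThreatDescription = ({ label, threat }: BuildThreatDescription
 iconType={ListTreeIcon}
 size="xs"
 >
-{myTechnique != null ? myTechnique.label : ''}
+{myTechnique != null
+? myTechnique.label
+: `${technique.name} (${technique.id})`}
 </TechniqueLinkItem>
 <EuiFlexGroup gutterSize="none" alignItems="flexStart" direction="column">
 {technique.subtechnique != null &&
@@ -184,7 +188,9 @@ export const buildThreatDescription = ({ label, threat }: BuildThreatDescription
 iconType={ListTreeIcon}
 size="xs"
 >
-{mySubtechnique != null ? mySubtechnique.label : ''}
+{mySubtechnique != null
+? mySubtechnique.label
+: `${subtechnique.name} (${subtechnique.id})`}
 </TechniqueLinkItem>
 </SubtechniqueFlexItem>
 );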
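Review bot: The fallback in the first hunk gives a visible label to a link whose text (`singleThreat.tactic.name`, `singleThreat.tactic.id`) and target (`href={singleThreat.tactic.reference}`, opened with `target="_blank"`) both come from the rule's own data whenever the id is not in the bundled MITRE list. JSX escapes the template-string text, so the open questions are the destination and the labelling: nothing in the visible lines checks that `reference` is an http(s) URL, and an unrecognised entry renders exactly like a recognised one. I would confirm that the rule schema constrains `reference` (or validate it before it is used as a link target), and record the trust boundary with a comment such as `// Unknown id: name, id and reference are rule-supplied, not taken from the bundled MITRE list`. The technique and subtechnique hunks have the same shape, but their link targets and the rest of `buildThreatDescription` lie outside the hunks.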
