search

center-for-threat-informed-defense / attack-flow

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
https://ctid.io/attack-flow
Apache License 2.0
522 stars 83 forks source link

AF-122 Start Refs #83

Closed mehaase closed 11 months ago

mehaase commented 11 months ago

Update the logic for start refs:

  1. impute the graph containing only action and condition nodes
  2. any node in the imputed graph with in-degree equal to zero is a start ref

Note that cycles in the graph are undefined behavior -- it throws an exception right now to prevent creating an invalid Attack Flow -- but we may need to revisit this in the future depending on how common this is in practice.

sonarcloud[bot] commented 11 months ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 3 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication