Attack Flow is a language for describing how cyber adversaries combine and sequence various offensive techniques to achieve their goals. The project helps defenders and leaders understand how adversaries operate and improve their own defensive posture. This project is created and maintained by the MITRE Engenuity Center for Threat-Informed Defense in futherance of our mission to advance the start of the art and and the state of the practice in threat-informed defense globally. The project is funded by our research participants.
Table Of Contents:
To get started, we suggest skimming the documentation to get familiar with the project. Next, you may want to try creating your own attack flows using the Attack Flow Builder, which is an easy-to-use GUI tool. When you are ready to dive deep, review the Example Flows and JSON Schema for the language.
Resource | Description |
---|---|
Documentation | Complete documentation for the Attack Flow project. |
Attack Flow Builder | An online GUI tool for building Attack Flows. |
JSON Schema | The language specification expressed as a JSON Schema. |
Example Flows | A corpus of example Attack Flows. |
There are several ways that you can get involved with this project and help advance threat-informed defense:
Please submit issues for any technical questions/concerns or contact ctid@mitre-engenuity.org directly for more general inquiries.
Also see the guidance for contributors if are you interested in contributing or simply reporting issues.
We welcome your feedback and contributions to help advance Attack Flow. Please see the guidance for contributors if are you interested in contributing or simply reporting issues.
Please submit issues for any technical questions/concerns or contact ctid@mitre-engenuity.org directly for more general inquiries.
Copyright 2021 MITRE Engenuity. Approved for public release. Document number CT0040
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This project makes use of MITRE ATT&CK®