-
VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
-
heimdall2
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
- Threat Modeling - Based on the assessment results, define potential attack paths (not a single action against a single asset, but the full chain of steps that an attacker would take - see https://github.com/center-for-threat-informed-defense/attack-flow/blob/main/docs/ceo_scenario.md for a basic example). Prioritize your attack paths based on whatever real world factors affect your team's availability, capabilities, etc. For example, if the team's availability overlaps with a year-end accounting process, pick an attack path that doesn't touch your finance and accounting team.