-
attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
This is what Attack Flow is specifically meant to help with (https://github.com/center-for-threat-informed-defense/attack-flow and https://www.youtube.com/watch?v=dlTTF4TF48A). Take a look at the CEO Scenario walkthrough (https://github.com/center-for-threat-informed-defense/attack-flow/blob/main/docs/ceo_scenario.md), the use of a Sankey diagram to highlight how mitigations reduce the cost of risk is one of the best representations I know of.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
-
caldera_pathfinder
Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translating those scans into adversaries for network traversal.
There's also a plugin for Caldera (https://github.com/mitre/caldera) called Pathfinder (https://github.com/center-for-threat-informed-defense/caldera_pathfinder and https://www.youtube.com/watch?v=gQRWkHFRG-s) that can help.
Related posts
-
What adversary emulation options are there nowadays to test SIEMs and IDSs?
-
adversary_emulation_library: An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
-
Attack Flow v2.0.1 — a language for describing how cyber adversaries combine and sequence various offensive techniques to achieve their goals
-
Attack simulation tool based on CVE
-
micro_emulation_plans: This collection expands the impact of the Adversary Emulation Library by developing easy-to-execute adversary emulation content that targets specific behaviors and challenges facing defenders