Attack Flow v2.1.7

Attack Flow is a language for describing how cyber adversaries combine and sequence various offensive techniques to achieve their goals. The project helps defenders and leaders understand how adversaries operate and improve their own defensive posture. This project is created and maintained by the MITRE Engenuity Center for Threat-Informed Defense in futherance of our mission to advance the state of the art and the state of the practice in threat-informed defense globally. The project is funded by our research participants.

Contents

• Overview
  • Introduction
  • Who is Attack Flow For?
  • Use Cases
  • Get Started
  • Deep Dive
• Introduction
  • Action Objects
  • Condition Objects
  • Parallel Attack Paths
  • Operator Objects
  • Asset Objects
  • Success and Failure
  • Additional STIX Objects
• Example Flows
  • List of Examples
• Builder
  • Getting Started
  • Docker
  • Download
  • Developer
• Visualization
  • ATT&CK Navigator
• Language
  • Overview
  • STIX Datatypes
  • STIX Common Properties
  • Attack Flow SDOs
  • Effects
  • Confidence
• Best Practices Guide
  • Project Name
  • Open-Source Report Selection
  • Mapping Reports to ATT&CK Techniques
  • Flow Structure
  • Flow Data
  • Quality Criteria for Public Corpus
• Developers
  • Attack Flow Library
  • Attack Flow Builder
  • Releases
• Translation to OWL/RDF
  • Overview
  • The Context
  • Objects
  • Converting to RDF
  • Full Code Listing
• Changelog
  • Attack Flow 2
  • Attack Flow 1

Notice

© 2022 MITRE Engenuity. Approved for public release. Document number CT0040.

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This project makes use of ATT&CK®: ATT&CK Terms of Use