Attack Flow is first standard for non-atomic information security from the creators of the two most widely used used threat actor standards: Verizon (VERIS) and Mitre (ATT&CK (tm)). Attack Flow is the glue that can connect the various parts of your information security program.

We provide commercial support services in multiple areas for your security team:

If your organization has implemented Attack Flow and feels comfortable with it’s use we can review of attack flow implementations for compliance and interoperability.

If your organization wishes to learn how to use Attack Flow we can train your organization in it’s use.

If your organization hopes to benefit from Attack Flow without retaining Attack Flow expertise, we can provide tailored Attack Flow analysis of your data for you.

Attack Flow can be used in many areas of your organization:

• It can be used during Digital Forensics and Incident Response (DFIR) to structure threat actor actions and additional contextual knowledge for incident reports
• It can be used during Detection to identify attacker behaviors and the records that signal them
• It can be used during Threat Intelligence to document attacker behavior and store threat actor knowledge
• It can be used during Penetration Testing to document attack paths for repeatable tests
• It can be used during Security Engineering to analyze risks and plan mitigations
• It can be used to communicate to leadership the paths attackers might take
• It facilitates data sharing between all teams