Attack Flow Product Support
Attack Flow is first standard for non-atomic information security from the creators of the two most widely used used threat actor standards: Verizon (VERIS) and Mitre (ATT&CK (tm)). Attack Flow is a key addition to any security product planning to stay on the leading edge of information security.
We provide product support services in multiple areas:
If you have implemented Attack Flow in yoru product, we can review your attack flow implementations for compliance and interoperability.
If you wish to learn how to implement Attack Flow in your product, we can train your organization how to use Attack Flow in your products.
If your organization hopes to implement Attack Flow without retaining Attack Flow expertise, we can provide tailored advice on how to implement attack flow in your product.
Attack Flow can be used in many different type of products
- It can be used in penetration testing frameworks to provide documentation of tests
- It can be used in control validation tools to produce repeatable tests in an interoperable, machine readable, way
- It can be used for Digital Forensics and Incident Response (DFIR) products to structure threat actor actions and additional contextual knowledge for products in a structured way
- It can be used for Detection by identifying logs that signal non-atomic attacker actions as well as querying for sequences of actions
- It can be used in Threat Intelligence tools to document threat actor knowledge and common non-atomic attack techniques
- It can be used as a way to interactively communicate non-atomic security concepts to product users
- It facilitates data sharing between products