
Attack Flows

Attack Flow is a data model with supporting tooling and examples for describing sequences of adversary behaviors. Attack flows help defenders understand, share, and make threat-informed decisions based on the sequence of actions in a cyber-attack. Flows can be analyzed to identify common patterns in adversary behavior, overlaid on ATT&CK Navigator layers to understand defensive coverage, and used to create a foundation for intel-driven adversary emulation plans.

The Security decision flow module facilitates the management of attack paths that can be linked to a finding.

The visualization of the attack path of a vulnerability or finding has been implemented by adapting a web app that simplifies building attack decision trees: ATT&CK

Other attack path/tree planners that I recommend you take a look at:

List of Attack Flows

Attack Tree

Add Attack Flow

Add Attack Tree