Detection Engineering and MITRE ATT&CK Coverage Platform.
AttackMapper is a detection engineering platform designed to map adversary techniques to monitoring controls, detection logic, threat hunting workflows, and ATT&CK coverage visibility.
The platform helps security teams understand detection coverage, identify monitoring gaps, improve detection strategy, and align security operations with the MITRE ATT&CK framework.
- Technique Catalog
- Technique Search
- Technique Details
- ATT&CK Coverage Visibility
- Detection Mapping
- Monitoring Control Mapping
- Coverage Validation
- Detection Gap Identification
- ATT&CK-Aligned Investigations
- Hunt Planning
- Technique Analysis
- Detection Improvement
- Detection Coverage Metrics
- ATT&CK Visibility
- Coverage Reporting
- Security Monitoring Insights
Provides a searchable repository of ATT&CK techniques and associated detection information.
Measures detection coverage and identifies monitoring gaps across ATT&CK techniques.
Maps monitoring controls and detection logic to ATT&CK techniques.
Provides visibility into ATT&CK coverage and detection engineering metrics.
MITRE ATT&CK Dataset
↓
Technique Repository
↓
Detection Mapping Layer
↓
Coverage Analytics
↓
REST API
↓
Security Operations Dashboard
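The mapping and coverage stages above, sketched as an added example (not AttackMapper's own code): the data schema, rule names and the `T9999` placeholder are constructed assumptions. A technique counts as covered only when a mapped detection has been validated, and a multi-tactic technique counts toward every tactic it belongs to.

```python
from collections import defaultdict

# Constructed sample data. The schema (field names, "validated" flag) is an
# assumption for this example, not AttackMapper's actual data model.
TECHNIQUES = {
    "T1566": {"name": "Phishing", "tactics": ["Initial Access"]},
    "T1059": {"name": "Command and Scripting Interpreter", "tactics": ["Execution"]},
    "T1053": {"name": "Scheduled Task/Job",
              "tactics": ["Execution", "Persistence", "Privilege Escalation"]},
    "T1003": {"name": "OS Credential Dumping", "tactics": ["Credential Access"]},
    "T1021": {"name": "Remote Services", "tactics": ["Lateral Movement"]},
    "T1486": {"name": "Data Encrypted for Impact", "tactics": ["Impact"]},
}
DETECTIONS = [  # rule names are hypothetical
    {"rule": "mail-attachment-macro", "technique": "T1566", "validated": True},
    {"rule": "encoded-powershell", "technique": "T1059", "validated": True},
    {"rule": "schtasks-create", "technique": "T1053", "validated": False},
    {"rule": "lsass-handle-access", "technique": "T1003", "validated": True},
    {"rule": "legacy-rule", "technique": "T9999", "validated": True},  # placeholder ID
]

def technique_status(techniques, detections):
    """Return ({technique_id: 'validated'|'unvalidated'|'gap'}, orphan rule names)."""
    status = {tid: "gap" for tid in techniques}
    orphans = []
    for det in detections:
        tid = det["technique"]
        if tid not in techniques:
            orphans.append(det["rule"])   # mapping points at no known technique
        elif det["validated"]:
            status[tid] = "validated"
        elif status[tid] == "gap":
            status[tid] = "unvalidated"   # a rule exists but was never tested
    return status, orphans

def coverage_by_tactic(techniques, status):
    """Per-tactic share of techniques with at least one validated detection."""
    total, covered = defaultdict(int), defaultdict(int)
    for tid, tech in techniques.items():
        for tactic in tech["tactics"]:    # multi-tactic techniques count in each
            total[tactic] += 1
            covered[tactic] += status[tid] == "validated"
    return {t: covered[t] / total[t] for t in total}

STATUS, ORPHANS = technique_status(TECHNIQUES, DETECTIONS)
COVERAGE = coverage_by_tactic(TECHNIQUES, STATUS)
GAPS = sorted(t for t, s in STATUS.items() if s != "validated")
```

Here the unvalidated `T1053` rule leaves Persistence and Privilege Escalation at zero coverage even though a detection is mapped to it, and the orphaned rule is reported instead of inflating the totals.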
- ATT&CK Coverage Assessment
- Detection Gap Analysis
- Threat Hunting Support
- Detection Strategy Development
- Monitoring Improvement
- Security Operations Reporting
/api/techniques
- Python
- Flask
- Bootstrap 5
- JSON
- data/
- templates/
- screenshots/
- docs/
- Initial Access
- Execution
- Persistence
- Privilege Escalation
- Defense Evasion
- Credential Access
- Discovery
- Lateral Movement
- Collection
- Impact
- ATT&CK Navigator Export
- Coverage Heatmaps
- Detection Maturity Scoring
- Threat Hunting Analytics
- Detection Effectiveness Metrics
- PostgreSQL Backend
Current Release: v1.0
