RiskBloX

RiskBloX is a Risk Management tool that leverages MITRE ATT&CK® Open Source data to concisely display Attack Techniques, their associated Mitigations, real-world examples of the technique and descriptions.

MITRE ATT&CK® Navigator is used to give a graphical overview of your defensive coverage and a PDF report can be generated containing all the assessed Attack Techniques and Mitigations.

Projects used

  1. Mitre ATT&CK Navigator
    utilized to give a graphical overview of your defensive coverage
  2. Mitre ATT&CK STIX Data
    used as a source of Mitre ATT&CK data in the website
  3. Mitre STIX2 Python API
    used to interact with the Mitre's TAXII database in the localhost version of RiskBloX
  4. Pako
    used to compress the API call that generates a compatible Mitre ATT&CK Navigator Layer
  5. JSPDF with JSPDF Autotable
    used to generate PDF reports and convert to display HTML tables

BIRA

BIRA is a Risk management tool that allows you to jointly define an overarching Risk Appetite Level with stakeholders. Choose from a selection of pre-built BIRAs applicable to your industry or get in contact for a personalised template with customized scoring options.

Identify Security Properties that could arise from your Project and analyse their impact on identified key Risk Area. For example, what Business Impact to External Suppliers (Risk Area) could occur if the project suffered from Unavailability (Security Property). What Risk Appetite can we accept in this regard?