概述

Overview

The Cyber Kill Chain Security Assessment platform is an enterprise-grade tool designed to systematically evaluate organizational security posture across multiple stages of the MITRE ATT&CK kill chain framework. This API enables security teams to document control implementation status, measure compliance gaps, and generate comprehensive security assessments tailored to organizational risk profiles.

Built for security professionals, compliance officers, and enterprise risk managers, this platform transforms control validation into actionable security intelligence. By mapping security controls to kill chain stages, organizations gain visibility into defense effectiveness and can prioritize remediation efforts based on attack vector coverage.

The assessment engine supports three operational tiers—basic, standard, and enterprise—accommodating organizations from small teams to large multi-division enterprises. Each tier provides proportionate depth of analysis, enabling right-sized security assessment without unnecessary complexity.

Usage

Sample Request

{
  "tier": "standard",
  "sessionId": "ckc-2024-q1-audit-001",
  "controls": {
    "reconnaissance": [
      {
        "controlId": "RECON-001",
        "compliant": true,
        "notes": "OSINT monitoring active via threat intelligence platform"
      },
      {
        "controlId": "RECON-002",
        "compliant": false,
        "notes": "Domain registration monitoring not yet implemented"
      }
    ],
    "weaponization": [
      {
        "controlId": "WEAPON-001",
        "compliant": true,
        "notes": "Email gateway sandboxing enabled with 48-hour detonation window"
      }
    ],
    "delivery": [
      {
        "controlId": "DELIVERY-001",
        "compliant": true,
        "notes": "Advanced email filtering with machine learning enabled"
      },
      {
        "controlId": "DELIVERY-002",
        "compliant": false,
        "notes": "USB device policy enforcement pending endpoint refresh"
      }
    ]
  }
}

Sample Response

{
  "assessmentId": "ckc-2024-q1-audit-001",
  "tier": "standard",
  "timestamp": "2024-01-15T10:30:00Z",
  "overallScore": 72,
  "complianceRate": 0.78,
  "stageBreakdown": {
    "reconnaissance": {
      "score": 50,
      "compliant": 1,
      "total": 2,
      "gaps": [
        "Domain registration monitoring"
      ]
    },
    "weaponization": {
      "score": 100,
      "compliant": 1,
      "total": 1,
      "gaps": []
    },
    "delivery": {
      "score": 75,
      "compliant": 2,
      "total": 3,
      "gaps": [
        "USB device policy enforcement"
      ]
    }
  },
  "recommendations": [
    {
      "stage": "reconnaissance",
      "priority": "high",
      "action": "Implement domain registration monitoring service"
    },
    {
      "stage": "delivery",
      "priority": "medium",
      "action": "Accelerate endpoint policy enforcement rollout"
    }
  ],
  "nextReviewDate": "2024-04-15"
}

Endpoints

GET /health

Description: Health check endpoint for service availability verification.

Parameters: None

Response:

Status Code: 200
Content-Type: application/json
Body: JSON object confirming service health status

POST /api/security/assess

Description: Perform comprehensive Cyber Kill Chain security assessment across specified control domains and kill chain stages.

Parameters:

Name	Type	Required	Description
------	------	----------	-------------
tier	string	Yes	Assessment tier level: `basic`, `standard`, or `enterprise`. Determines scope and depth of analysis.
sessionId	string	Yes	Unique session identifier for audit trail and assessment tracking. Recommended format: `ckc-YYYY-MM-QX-description`.
controls	object	Yes	Kill chain stage controls indexed by stage name. Each stage contains array of control assessments.
controls[stage]	array	Yes	Array of control assessments for a specific kill chain stage (e.g., `reconnaissance`, `weaponization`, `delivery`).
controlId	string	Yes	Unique identifier for the security control being assessed.
compliant	boolean	Yes	Compliance status: `true` if control is implemented and operational, `false` if non-compliant.
notes	string	Optional	Contextual notes, implementation details, or remediation timeline. Maximum 500 characters recommended.

Response:

Status Code: 200
Content-Type: application/json
Body: Assessment results including overall score, stage-by-stage breakdown, compliance rate, identified gaps, and remediation recommendations.

Error Responses:

Status Code: 422
Description: Validation error. Request failed schema validation (missing required fields, invalid tier value, malformed control structure).
Content-Type: application/json
Body: Validation error details with field locations and error messages.

OPTIONS /api/security/assess

Description: CORS preflight request handler for cross-origin assessment submissions.

Parameters: None

Response:

Status Code: 200
Content-Type: application/json
Body: CORS headers configuration confirming allowed methods and origins.

Pricing

Plan	Calls/Day	Calls/Month	Price
------	-----------	-------------	-------
Free	5	50	Free
Developer	20	500	$39/mo
Professional	200	5,000	$99/mo
Enterprise	100,000	1,000,000	$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

Kong Route: https://api.mkkpro.com/security/cyber-kill-chain
API Docs: https://api.mkkpro.com:8043/docs

版本历史

共 1 个版本

v1.0.0 当前

2026-03-31 03:10 安全安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)

安全，无风险

查看报告

Cyber Kill Chain

概述

Overview

Usage

Sample Request

Sample Response

Endpoints

GET /health

POST /api/security/assess

OPTIONS /api/security/assess

Pricing

About

References

版本历史

安全检测

腾讯云安全 (Keen)

腾讯云安全 (Sanbu)

🔗 相关推荐

OpenClaw Backup

Free Ride - Unlimited free AI

PDF To PPTX