This system processes CTI reports to generate relevant tactics, techniques, and procedures, mapping them to MITRE ATT&CK with justifications and key entities.

This treemap visualizes the flow of cybersecurity tactics and techniques across key stages like Initial Access, Execution, Defense Evasion, and Collection. Nodes represent specific techniques, such as "Phishing" and "User Execution," illustrating their relationships and progression through the attack lifecycle.  

Users can generate and compare Splunk rules with or without ATIs. Rules with ATIs are more precise and context-aware, while those without are broader and less specific.