Overview
The Cyber Kill Chain Security Assessment platform is an enterprise-grade tool designed to systematically evaluate organizational security posture across multiple stages of the MITRE ATT&CK kill chain framework. This API enables security teams to document control implementation status, measure compliance gaps, and generate comprehensive security assessments tailored to organizational risk profiles.
Built for security professionals, compliance officers, and enterprise risk managers, this platform transforms control validation into actionable security intelligence. By mapping security controls to kill chain stages, organizations gain visibility into defense effectiveness and can prioritize remediation efforts based on attack vector coverage.
The assessment engine supports three operational tiers—basic, standard, and enterprise—accommodating organizations from small teams to large multi-division enterprises. Each tier provides proportionate depth of analysis, enabling right-sized security assessment without unnecessary complexity.
Usage
Sample Request
CODEBLOCK0
Sample Response
CODEBLOCK1
Endpoints
GET /health
Description: Health check endpoint for service availability verification.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: JSON object confirming service health status
POST /api/security/assess
Description: Perform comprehensive Cyber Kill Chain security assessment across specified control domains and kill chain stages.
Parameters:
| Name | Type | Required | Description |
|---|---|---|---|
| tier | string | Yes | Assessment tier level: basic, standard, or enterprise. Determines scope and depth of analysis. |
| sessionId | string | Yes | Unique session identifier for audit trail and assessment tracking. Recommended format: `ckc-YYYY-MM-QX-description`. |
| controls | object | Yes | Kill chain stage controls indexed by stage name. Each stage contains array of control assessments. |
| controls[stage] | array | Yes | Array of control assessments for a specific kill chain stage (e.g., `reconnaissance`, `weaponization`, `delivery`). |
| controlId | string | Yes | Unique identifier for the security control being assessed. |
| compliant | boolean | Yes | Compliance status: `true` if control is implemented and operational, `false` if non-compliant. |
| notes | string | Optional | Contextual notes, implementation details, or remediation timeline. Maximum 500 characters recommended. |
Response:
- Status Code: 200
- Content-Type: application/json
- Body: Assessment results including overall score, stage-by-stage breakdown, compliance rate, identified gaps, and remediation recommendations.
Error Responses:
- Status Code: 422
- Description: Validation error. Request failed schema validation (missing required fields, invalid tier value, malformed control structure).
- Content-Type: application/json
- Body: Validation error details with field locations and error messages.
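A client-side pre-flight check for the request schema documented above, as an added example that is not part of the ToolWeb.in API or its documentation. The function name `validate_assessment`, the duplicate-`controlId` check, and treating the recommended 500-character `notes` limit as a hard limit are assumptions of this example.

```python
# Added example (not the service's code): validate a payload locally before
# POSTing it to /api/security/assess, so schema mistakes never reach the API.
VALID_TIERS = {"basic", "standard", "enterprise"}
MAX_NOTES = 500  # the page only recommends this limit; enforced here by assumption

def validate_assessment(payload):
    """Return [(field_location, message), ...]; an empty list means well-formed."""
    if not isinstance(payload, dict):
        return [("body", "must be a JSON object")]
    errors = []
    tier = payload.get("tier")
    if not isinstance(tier, str) or tier not in VALID_TIERS:
        errors.append(("tier", "must be basic, standard or enterprise"))
    sid = payload.get("sessionId")
    if not isinstance(sid, str) or not sid.strip():
        errors.append(("sessionId", "required non-empty string"))
    controls = payload.get("controls")
    if not isinstance(controls, dict) or not controls:
        return errors + [("controls", "required object keyed by stage name")]
    for stage, items in controls.items():
        if not isinstance(items, list):
            errors.append((f"controls.{stage}", "must be an array"))
            continue
        seen = set()
        for i, item in enumerate(items):
            loc = f"controls.{stage}[{i}]"
            if not isinstance(item, dict):
                errors.append((loc, "must be an object"))
                continue
            cid = item.get("controlId")
            if not isinstance(cid, str) or not cid:
                errors.append((loc + ".controlId", "required string"))
            elif cid in seen:  # assumption: ids are unique within a stage
                errors.append((loc + ".controlId", "duplicate within stage"))
            else:
                seen.add(cid)
            # Strict bool: the string "false" is truthy and would hide a gap.
            if not isinstance(item.get("compliant"), bool):
                errors.append((loc + ".compliant", "required boolean"))
            notes = item.get("notes")
            if notes is not None and (not isinstance(notes, str) or len(notes) > MAX_NOTES):
                errors.append((loc + ".notes", f"string of at most {MAX_NOTES} characters"))
    return errors

# Constructed sample with four deliberate mistakes.
SAMPLE_BAD = {"tier": "premium", "sessionId": " ", "controls": {"delivery": [
    {"controlId": "DELIVERY-001", "compliant": "false", "notes": "n" * 501}]}}

if __name__ == "__main__":
    for location, message in validate_assessment(SAMPLE_BAD):
        print(f"{location}: {message}")
```

The returned tuples mirror the "field locations and error messages" shape the 422 response is described as carrying, so local failures and server-side failures can be logged the same way.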
OPTIONS /api/security/assess
Description: CORS preflight request handler for cross-origin assessment submissions.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: CORS headers configuration confirming allowed methods and origins.
Pricing
| Plan | Calls/Day | Calls/Month | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
References
- Kong Route: https://api.mkkpro.com/security/cyber-kill-chain
- API Docs: https://api.mkkpro.com:8043/docs
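Skill name: Cyber Kill Chain Security Assessment
Detailed description:
Overview
The Cyber Kill Chain Security Assessment platform is an enterprise-grade tool designed to systematically evaluate an organization's security posture across multiple stages of the MITRE ATT&CK kill chain framework. The API enables security teams to record control implementation status, measure compliance gaps, and generate comprehensive security assessments tailored to the organization's risk profile.
Built for security professionals, compliance officers, and enterprise risk managers, the platform turns control validation into actionable security intelligence. By mapping security controls to kill chain stages, organizations gain insight into defense effectiveness and can prioritize remediation work based on attack vector coverage.
The assessment engine supports three operational tiers (basic, standard, and enterprise), covering needs from small teams to large multi-division enterprises. Each tier provides a proportionate depth of analysis, giving a right-sized security assessment without unnecessary complexity.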
Usage
Sample Request
```json
{
  "tier": "standard",
  "sessionId": "ckc-2024-q1-audit-001",
  "controls": {
    "reconnaissance": [
      {
        "controlId": "RECON-001",
        "compliant": true,
        "notes": "通过威胁情报平台进行OSINT监控"
      },
      {
        "controlId": "RECON-002",
        "compliant": false,
        "notes": "域名注册监控尚未实施"
      }
    ],
    "weaponization": [
      {
        "controlId": "WEAPON-001",
        "compliant": true,
        "notes": "已启用邮件网关沙箱,爆破窗口期为48小时"
      }
    ],
    "delivery": [
      {
        "controlId": "DELIVERY-001",
        "compliant": true,
        "notes": "已启用基于机器学习的先进邮件过滤"
      },
      {
        "controlId": "DELIVERY-002",
        "compliant": false,
        "notes": "USB设备策略执行待端点刷新"
      }
    ]
  }
}
```
Sample Response
```json
{
  "assessmentId": "ckc-2024-q1-audit-001",
  "tier": "standard",
  "timestamp": "2024-01-15T10:30:00Z",
  "overallScore": 72,
  "complianceRate": 0.78,
  "stageBreakdown": {
    "reconnaissance": {
      "score": 50,
      "compliant": 1,
      "total": 2,
      "gaps": [
        "域名注册监控"
      ]
    },
    "weaponization": {
      "score": 100,
      "compliant": 1,
      "total": 1,
      "gaps": []
    },
    "delivery": {
      "score": 75,
      "compliant": 2,
      "total": 3,
      "gaps": [
        "USB设备策略执行"
      ]
    }
  },
  "recommendations": [
    {
      "stage": "reconnaissance",
      "priority": "high",
      "action": "实施域名注册监控服务"
    },
    {
      "stage": "delivery",
      "priority": "medium",
      "action": "加速端点策略执行部署"
    }
  ],
  "nextReviewDate": "2024-04-15"
}
```
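Endpoints
GET /health
Description: Health check endpoint for verifying service availability.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: JSON object confirming service health status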
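POST /api/security/assess
Description: Perform a comprehensive Cyber Kill Chain security assessment across the specified control domains and kill chain stages.
Parameters:
| Name | Type | Required | Description |
|---|---|---|---|
| tier | string | Yes | Assessment tier level: basic, standard, or enterprise. Determines the scope and depth of analysis. |
| sessionId | string | Yes | Unique session identifier for audit trail and assessment tracking. Recommended format: ckc-YYYY-MM-QX-description. |
| controls | object | Yes | Kill chain stage controls indexed by stage name. Each stage contains an array of control assessments. |
| controls[stage] | array | Yes | Array of control assessments for a specific kill chain stage (e.g., reconnaissance, weaponization, delivery). |
| controlId | string | Yes | Unique identifier of the security control being assessed. |
| compliant | boolean | Yes | Compliance status: true if the control is implemented and operational, false if non-compliant. |
| notes | string | Optional | Contextual notes, implementation details, or remediation timeline. Maximum 500 characters recommended. |
Response:
- Status Code: 200
- Content-Type: application/json
- Body: Assessment results including overall score, stage-by-stage breakdown, compliance rate, identified gaps, and remediation recommendations.
Error Responses:
- Status Code: 422
- Description: Validation error. The request failed schema validation (missing required fields, invalid tier value, malformed control structure).
- Content-Type: application/json
- Body: Validation error details with field locations and error messages.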
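OPTIONS /api/security/assess
Description: CORS preflight request handler for cross-origin assessment submissions.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: CORS headers configuration confirming allowed methods and origins.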
Pricing
| Plan | Calls/Day | Calls/Month | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
About
ToolWeb.in - 200+ security APIs, CISSP & CISM certified, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
References
- Kong Route: https://api.mkkpro.com/security/cyber-kill-chain
- API Docs: https://api.mkkpro.com:8043/docs