Torq

This Torq workflow template, "Create Att&amp;ck Layer from TTP List," is designed to process a list of Tactics, Techniques, and Procedures (TTPs) and output a visual representation. When techniques are absent, it enriches tactics information and creates an MITRE ATT&amp;CK layer in both JSON and SVG formats. Ideal for cybersecurity teams, the workflow aids in threat hunting and case management by highlighting techniques and sub-techniques, thus enhancing situational awareness and incident response capabilities.

"Use this workflow as a nested function."

CSPM, Case Management ,DSPM,Function, Threat Hunting

Receives a list of Tactics (TA0002) and Techniques (T1028)

Enrich Tactics when Techniques are not found.

Highlight techniques and sub techniques in the Att&amp;ck Layer.

1. Receives a list of Tactics (TA0002) and Techniques (T1028)
2. Enrich Tactics when Techniques are not found.
3. Highlight techniques and sub techniques in the Att&amp;ck Layer.
4. Creates a Layer in JSON format.
5. Converts JSON Layer to SVG image.

Output contains Att&amp;ack Layer in JSON format and Base64 encoded SVG image.

Use a Quick Action from a case to automatically attach layers when doing Threat Hunting

Receives a list of TTPs and returns an Att&ck layer in JSON and SVG formats.

Create Att&ck Layer from TTP List - Workflow Template

Hyperautomation™

Blog

Our Story

HyperSOC™

Resources

Security And Compliance

Technology Partners

Careers

Legal & Compliance

Contact Us

WHY TORQ

RESOURCES

COMPANY

API Documentation

Torq Academy

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Optional Triggers

Use Cases

Workflow Breakdown

Vendors

Workflow Output

Tips