Question 1

How to generate an attack flow from an incident report using SITF?

Accepted Answer

Use the Claude AI skill /attack-flow with a web search or URL to automatically create JSON files, or manually build flows with the online drag-and-drop visualizer for more control, as explained in the documentation.

Question 2

SITF vs MITRE ATT&CK for software supply chain security

Accepted Answer

SITF is specifically tailored to SDLC infrastructure with interactive tools and AI automation, while MITRE ATT&CK is broader; SITF offers more focused analysis for development pipelines but may lack the general coverage of ATT&CK.

Question 3

Can I use SITF without Claude AI?

Accepted Answer

Yes, you can use the visualizer and technique library offline via HTML files, but you'll miss the automated attack flow generation and proposal features that rely on Claude AI skills.

Question 4

What tools are needed to run SITF locally?

Accepted Answer

You need a web browser for the HTML visualizers and Python 3 to run build scripts for contributions; no complex server setup is required, making it lightweight for local use.

Question 5

How to add a new attack technique to SITF?

Accepted Answer

Edit the techniques.json file directly or use the Claude skill /technique-proposal to generate a PR-ready definition, then run the Python build script to update documentation and web apps.

Question 6

Does SITF provide actionable security controls?

Accepted Answer

Yes, each technique maps to both protective and detective controls with industry framework references, offering concrete mitigation steps, though implementation is left to the user's existing tools.

SDLC Infrastructure Threat Framework (SITF)

What is SDLC Infrastructure Threat Framework (SITF)?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions