MITRE Security Automation Framework
Open source security testing and compliance automation toolkit
Select, tailor, and create security guidance content appropriate for your mission.
Use Vulcan to create and manage security baselines to implement security requirements.
Implement security baselines using verified Ansible, Chef, and Terraform content.
Use Ansible, Terraform, Chef, and Puppet content from the MITRE SAF Hardening Library to implement security baselines.
Generate detailed security testing results throughout the lifecycle of a system through automated tests and manual attestation.
Use InSpec content from the MITRE SAF Validation Library to assess security control compliance.
Convert security results from all your security tools into a common data format.
Use the MITRE SAF command line interface (CLI) to normalize security tool output in the OASIS Heimdall Data Format (OHDF).
Identify overall security status and deep-dive to resolve specific security defects.
Use the MITRE SAF Heimdall Lite/Server to visualize security status across all security tools and even to share with your organization's reporting / GRC tools.
All MITRE SAF™ content is free to use under the Apache 2 license. The Framework is currently in use by government sponsors, vendors, and private sector companies, tailoring content for their own organizational requirements.
MITRE SAF™ hosts all source code for tools and test profiles publicly on GitHub. Organizations are free to use the code or its capabilities however required.
All MITRE SAF™ content is generated and maintained by a robust security community of both MITRE and non-MITRE contributors; MITRE serves as the framework steward. Collaboration across the community multiplies the impact for all users.
MITRE SAF™ is made up of a toolkit of utilities that support security automation. MITRE SAF™ is modularized into different functions so you can use whichever one makes sense for your favorite security tools. You can use MITRE SAF™ tools on their own or without a container.
The MITRE SAF™ Command Line Interface (CLI) gives users the ability to quickly normalize disparate scan results from multiple tools to HDF, generate InSpec profiles, and validate that security requirements have been met.
Heimdall is MITRE SAF™'s visualization platform. Upload results from the baseline validations that you have run or view existing security standards, and generate reports to give to your organization's reporting or SIEM tools.
The MITRE SAF™ Vulcan application allows users to create security guidance utilizing the Security Requirements Guides. Vulcan streamlines the process to help authors concentrate on writing quality security guidance.
The MITRE SAF™ content library includes InSpec validation profiles and Chef, Ansible, and Puppet hardening content. These can be used as a starting point or as reference material for developing your organization's security controls and hardening baselines.
eMASS integration with MITRE SAF™ provides automated workflows to support continuous monitoring and assessment.
OASIS Heimdall Data Format (OHDF) is the common data format standard that facilitates security results analysis and consumption as a building metric, and makes it possible to consolidate data, compare security results from a variety of tools over time, and much more.