Security Defense Planner
Map system architecture to MITRE ATT&CK®
Define Your System Architecture
Select the components that make up your system to identify relevant attack vectors and techniques.
Common Components
Web Servers: Public-facing web application servers
API Services: API endpoints for application integration
Static Websites: Static content web hosting
Content Management: Content management systems (WordPress, Drupal, etc.)
CDN: Content Delivery Networks for distributed hosting
SQL Databases: Relational databases holding structured data
NoSQL Databases: Non-relational databases for unstructured data
Graph Database: Databases optimized for graph-based data structures
Time Series DB: Databases optimized for time series data
Containers: Containerized applications and services
Kubernetes: Container orchestration platform
Docker Swarm: Docker native container orchestration
Service Mesh: Service-to-service communication infrastructure
Single Sign-On: Centralized authentication service
Multi-Factor Auth: Additional authentication verification layer
Active Directory: Directory service for user and resource management
OAuth/OIDC: Open authorization and identity protocols
Password Manager: Enterprise password management solution
PAM: Privileged access management
Cloud Storage: Cloud-based object or file storage
File Servers: Network attached storage for file sharing
SAN/NAS: Storage area network or network attached storage
Backup Systems: Data backup and recovery systems
AWS Infrastructure: Amazon Web Services infrastructure
Azure Services: Microsoft Azure cloud services
Google Cloud: Google Cloud Platform services
Serverless: Serverless compute functions
IaaS: Infrastructure as a Service
PaaS: Platform as a Service
Windows Clients: Windows-based end-user devices
macOS Clients: macOS-based end-user devices
Linux Desktops: Linux-based end-user workstations
Mobile Devices: Smartphones and tablets (iOS, Android)
BYOD: Bring your own device environment
EDR/XDR: Endpoint Detection and Response systems
Windows Servers: Windows-based servers
Linux Servers: Linux-based backend servers
Mail Servers: Email servers and services
Domain Controllers: Active Directory domain controllers
Virtualization: Virtual machine infrastructure (VMware, Hyper-V)
VPN Services: Virtual Private Network services
SD-WAN: Software-defined wide area network
Firewalls: Network and application firewalls
Load Balancers: Traffic distribution systems
Wireless Networks: Wi-Fi networks and infrastructure
DNS Services: Domain name resolution services
Zero Trust: Zero Trust Network Architecture
Proxy Servers: Web and application proxies
WAF: Web Application Firewall
IoT Devices: Internet of Things connected devices
ICS/SCADA: Industrial control systems
Embedded Systems: Embedded hardware with limited computing resources
Medical Devices: Connected healthcare and medical systems
CI/CD Pipeline: Continuous Integration/Continuous Deployment pipeline
Source Control: Version control systems (Git, SVN)
Artifact Repository: Software package and artifact storage
IaC: Infrastructure as Code (Terraform, CloudFormation)
Config Management: Configuration management tools (Ansible, Chef, Puppet)
Logging Systems: Centralized log collection and management
SIEM: Security Information and Event Management
NDR/NTA: Network Detection and Response / Network Traffic Analysis
Vuln Scanners: Vulnerability assessment tools
APM: Application Performance Monitoring