Frequently Asked Questions about attack trees and the RiskTree® Designer and Processor.

Uploading RiskTrees

Can I upload multiple RiskTrees?

Yes. After pressing the "Choose files" button, you can select more than one file by holding down the SHIFT key as you click on the files. Then just click "Open" and they will be uploaded together.

What happens when I upload multiple attack trees?

The data from the trees are combined, and the risks will be assessed together. This is a great way of taking trees that have been developed separately and then blending them to see the risk across a department or organization.

My RiskTrees are in mindmap format, but the filename doesn't end in ".mm".

That isn't a problem. Either change the file extension to ".mm", or when uploading them just change the dropdown from "MM File (.mm)" to "All Files".

The "Choose Files" button is greyed out.

The page needs to be reloaded. The easiest way to do this is to press the large "Reload ↺" button. Alternatively, press the "Refresh" button in your browser.

Security

Where are my RiskTrees stored?

We don't store any of your data, with the exception of the credentials for your account. When you create a RiskTree using the Designer, all of your data is processed locally in your browser. Saving the file either generates a download locally, without sending any data to the server, or presents you with the data to paste into a local file. When you calculate the risks, none of the information about the risk names or the tree structure is sent to our servers for processing (after all, we don't need to see this).

How do I know that my attacks are not being sent to you when I upload my RiskTrees?

We know that this is important to you, and so have a help page specifically about this topic.

Error messages

Invalid values

One of the values on the given line of the RiskTree file is not valid. The RiskTree Validator can be used to get a more detailed explanation of the problem.

MITRE Corporation content

Some versions of RiskTree include content developed by the MITRE Corporation. This content is © 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

MITRE does not claim ATT&CK enumerates all possibilities for the types of actions and behaviors documented as part of its adversary model and framework of techniques. Using the information contained within ATT&CK to address or cover full categories of techniques will not guarantee full defensive coverage as there may be undisclosed techniques or variations on existing techniques not documented by ATT&CK.