AiSOC · free tools

ATT&CK coverage grader

Paste your Sigma rules (or a list of technique IDs) and get a coverage grade, a per-tactic heatmap, and the top highest-prevalence techniques you're missing. Download a shareable grade card.

F
13% coverage
5 / 40 high-prevalence techniques covered

Coverage by tactic

command-and-control
0/4
credential-access
0/3
defense-evasion
1/9
discovery
0/3
execution
2/3
exfiltration
0/3
impact
1/2
initial-access
1/4
lateral-movement
0/2
persistence
0/5
privilege-escalation
0/2

Top 10 highest-prevalence uncovered techniques

  1. T1003 OS Credential Dumping · credential-access
  2. T1055 Process Injection · defense-evasion
  3. T1190 Exploit Public-Facing Application · initial-access
  4. T1021 Remote Services · lateral-movement
  5. T1562 Impair Defenses · defense-evasion
  6. T1204 User Execution · execution
  7. T1053 Scheduled Task/Job · persistence
  8. T1071 Application Layer Protocol · command-and-control
  9. T1105 Ingress Tool Transfer · command-and-control
  10. T1021.002 SMB/Windows Admin Shares · lateral-movement

Graded against a curated 40-technique high-prevalence catalog (a quick self-check, not an authoritative audit). Runs entirely in your browser.