Install
openclaw skills install cyber-kill-chainCyber Kill Chain
Enterprise-grade cybersecurity framework assessment platform that evaluates organizational security controls across the kill chain spectrum.
Overview
The Cyber Kill Chain Security Assessment platform is an enterprise-grade tool designed to systematically evaluate organizational security posture across multiple stages of the MITRE ATT&CK kill chain framework. This API enables security teams to document control implementation status, measure compliance gaps, and generate comprehensive security assessments tailored to organizational risk profiles.
Built for security professionals, compliance officers, and enterprise risk managers, this platform transforms control validation into actionable security intelligence. By mapping security controls to kill chain stages, organizations gain visibility into defense effectiveness and can prioritize remediation efforts based on attack vector coverage.
The assessment engine supports three operational tiers—basic, standard, and enterprise—accommodating organizations from small teams to large multi-division enterprises. Each tier provides proportionate depth of analysis, enabling right-sized security assessment without unnecessary complexity.
Usage
Sample Request
{
"tier": "standard",
"sessionId": "ckc-2024-q1-audit-001",
"controls": {
"reconnaissance": [
{
"controlId": "RECON-001",
"compliant": true,
"notes": "OSINT monitoring active via threat intelligence platform"
},
{
"controlId": "RECON-002",
"compliant": false,
"notes": "Domain registration monitoring not yet implemented"
}
],
"weaponization": [
{
"controlId": "WEAPON-001",
"compliant": true,
"notes": "Email gateway sandboxing enabled with 48-hour detonation window"
}
],
"delivery": [
{
"controlId": "DELIVERY-001",
"compliant": true,
"notes": "Advanced email filtering with machine learning enabled"
},
{
"controlId": "DELIVERY-002",
"compliant": false,
"notes": "USB device policy enforcement pending endpoint refresh"
}
]
}
}
Sample Response
{
"assessmentId": "ckc-2024-q1-audit-001",
"tier": "standard",
"timestamp": "2024-01-15T10:30:00Z",
"overallScore": 72,
"complianceRate": 0.78,
"stageBreakdown": {
"reconnaissance": {
"score": 50,
"compliant": 1,
"total": 2,
"gaps": [
"Domain registration monitoring"
]
},
"weaponization": {
"score": 100,
"compliant": 1,
"total": 1,
"gaps": []
},
"delivery": {
"score": 75,
"compliant": 2,
"total": 3,
"gaps": [
"USB device policy enforcement"
]
}
},
"recommendations": [
{
"stage": "reconnaissance",
"priority": "high",
"action": "Implement domain registration monitoring service"
},
{
"stage": "delivery",
"priority": "medium",
"action": "Accelerate endpoint policy enforcement rollout"
}
],
"nextReviewDate": "2024-04-15"
}
Endpoints
GET /health
Description: Health check endpoint for service availability verification.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: JSON object confirming service health status
POST /api/security/assess
Description: Perform comprehensive Cyber Kill Chain security assessment across specified control domains and kill chain stages.
Parameters:
| Name | Type | Required | Description |
|---|---|---|---|
| tier | string | Yes | Assessment tier level: basic, standard, or enterprise. Determines scope and depth of analysis. |
| sessionId | string | Yes | Unique session identifier for audit trail and assessment tracking. Recommended format: ckc-YYYY-MM-QX-description. |
| controls | object | Yes | Kill chain stage controls indexed by stage name. Each stage contains array of control assessments. |
| controls[stage] | array | Yes | Array of control assessments for a specific kill chain stage (e.g., reconnaissance, weaponization, delivery). |
| controlId | string | Yes | Unique identifier for the security control being assessed. |
| compliant | boolean | Yes | Compliance status: true if control is implemented and operational, false if non-compliant. |
| notes | string | Optional | Contextual notes, implementation details, or remediation timeline. Maximum 500 characters recommended. |
Response:
- Status Code: 200
- Content-Type: application/json
- Body: Assessment results including overall score, stage-by-stage breakdown, compliance rate, identified gaps, and remediation recommendations.
Error Responses:
- Status Code: 422
- Description: Validation error. Request failed schema validation (missing required fields, invalid tier value, malformed control structure).
- Content-Type: application/json
- Body: Validation error details with field locations and error messages.
OPTIONS /api/security/assess
Description: CORS preflight request handler for cross-origin assessment submissions.
Parameters: None
Response:
- Status Code: 200
- Content-Type: application/json
- Body: CORS headers configuration confirming allowed methods and origins.
Pricing
| Plan | Calls/Day | Calls/Month | Price |
|---|---|---|---|
| Free | 5 | 50 | Free |
| Developer | 20 | 500 | $39/mo |
| Professional | 200 | 5,000 | $99/mo |
| Enterprise | 100,000 | 1,000,000 | $299/mo |
About
ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.
- toolweb.in
- portal.toolweb.in
- hub.toolweb.in
- toolweb.in/openclaw/
- rapidapi.com/user/mkrishna477
- youtube.com/@toolweb-009
References
- Kong Route: https://api.mkkpro.com/security/cyber-kill-chain
- API Docs: https://api.mkkpro.com:8043/docs