In [1]:
from graphviz import Digraph

# Diagram 1: Capital One Attack Flow
def capital_one_attack_flow():
    """Build and render the Capital One attack-flow diagram.

    Draws five nodes (attacker, WAF, EC2 instance, IMDS, S3 buckets) joined
    by four labelled edges, renders the graph to
    ``capital_one_attack_flow.png`` and returns the ``Digraph``.

    Defensive reading of the chain: it only completes if a forwarded request
    can reach the instance metadata service and if the instance role is
    allowed to read the buckets. Enforcing IMDSv2 and scoping the instance
    role to least privilege are the controls that break those two links.

    NOTE(review): the S3 edge starts at the EC2 node. Confirm this matches
    the accompanying narrative about where the retrieved credentials were
    used.
    """
    graph = Digraph(comment='Capital One Attack Flow')

    # (node id, caption) in the order they are declared in the DOT source.
    labelled_nodes = [
        ('A', 'Attacker'),
        ('W', 'Web Application Firewall (WAF)'),
        ('E', 'EC2 Instance'),
        ('I', 'Instance Metadata Service (IMDS)'),
        ('S', 'Amazon S3 Buckets'),
    ]
    for node_id, caption in labelled_nodes:
        graph.node(node_id, caption)

    # (tail, head, caption) for each step of the flow.
    labelled_edges = [
        ('A', 'W', 'HTTP Request'),
        ('W', 'E', 'Forwarded Request (Misconfiguration)'),
        ('E', 'I', 'Retrieve Credentials'),
        ('E', 'S', 'Access Data with Credentials'),
    ]
    for tail, head, caption in labelled_edges:
        graph.edge(tail, head, label=caption)

    # render() writes the DOT source and the PNG relative to the working
    # directory and needs the Graphviz binaries to be installed.
    graph.render('capital_one_attack_flow', format='png')
    return graph

# Diagram 2: British Airways Attack Flow
def british_airways_attack_flow():
    """Build and render the British Airways attack-flow diagram.

    Draws four nodes (user browser, website, malicious JavaScript,
    attacker-controlled server) and four labelled edges, renders the graph
    to ``british_airways_attack_flow.png`` and returns the ``Digraph``.

    Defensive reading: the flow is a payment-page script injection, so the
    relevant controls are integrity checks on served scripts (Subresource
    Integrity, change monitoring) and a Content Security Policy that
    restricts where page scripts may send data.
    """
    graph = Digraph(comment='British Airways Attack Flow')

    # (node id, caption) in declaration order.
    labelled_nodes = [
        ('U', 'User (Browser)'),
        ('B', 'British Airways Website'),
        ('M', 'Malicious JavaScript'),
        ('A', 'Attacker-Controlled Server'),
    ]
    for node_id, caption in labelled_nodes:
        graph.node(node_id, caption)

    # (tail, head, caption) for each step of the flow.
    labelled_edges = [
        ('U', 'B', 'Visit Payment Page'),
        ('B', 'M', 'Inject Malicious Script'),
        ('M', 'U', 'Capture Input Data'),
        ('M', 'A', 'Exfiltrate Data'),
    ]
    for tail, head, caption in labelled_edges:
        graph.edge(tail, head, label=caption)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('british_airways_attack_flow', format='png')
    return graph

# Diagram 3: OWASP Top Ten Wheel
def owasp_top_ten_wheel():
    """Build and render a hub-and-spoke diagram of the OWASP Top Ten.

    A circular centre node ``C`` is connected to ten risk nodes whose ids are
    ``'0'`` to ``'9'``. The graph is rendered to ``owasp_top_ten_wheel.png``
    and the ``Digraph`` is returned.

    The categories and their A1-A10 numbering are those of the 2017 edition
    of the OWASP Top Ten. Later editions rename and reorder them, so the
    diagram's caption should state the edition.
    """
    graph = Digraph(comment='OWASP Top Ten Wheel')
    graph.node('C', 'OWASP Top Ten', shape='circle')

    risk_titles = (
        'A1: Injection',
        'A2: Broken Authentication',
        'A3: Sensitive Data Exposure',
        'A4: XML External Entities',
        'A5: Broken Access Control',
        'A6: Security Misconfiguration',
        'A7: Cross-Site Scripting',
        'A8: Insecure Deserialization',
        'A9: Using Components with Known Vulnerabilities',
        'A10: Insufficient Logging & Monitoring',
    )

    # Each spoke is declared as node-then-edge so the DOT source keeps the
    # risk and its link to the hub next to each other.
    for position, title in enumerate(risk_titles):
        spoke_id = str(position)
        graph.node(spoke_id, title)
        graph.edge('C', spoke_id)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('owasp_top_ten_wheel', format='png')
    return graph

# Diagram 4: AWS Security Pillar Layers
def aws_security_pillar_layers():
    """Build and render the AWS Security Pillar areas as a chain of boxes.

    Five box-shaped nodes with ids ``'0'`` to ``'4'`` are created in list
    order, each linked from its predecessor. The graph is rendered to
    ``aws_security_pillar_layers.png`` and the ``Digraph`` is returned.

    The arrows only reflect list order. They do not express that one area
    depends on, or is applied before, the next.
    """
    graph = Digraph(comment='AWS Security Pillar Layers')

    layer_titles = [
        'Identity and Access Management (IAM)',
        'Detective Controls',
        'Infrastructure Protection',
        'Data Protection',
        'Incident Response',
    ]

    previous_id = None
    for position, title in enumerate(layer_titles):
        current_id = str(position)
        graph.node(current_id, title, shape='box')
        # The first layer has no predecessor to link from.
        if previous_id is not None:
            graph.edge(previous_id, current_id)
        previous_id = current_id

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('aws_security_pillar_layers', format='png')
    return graph

# Diagram 5: Zero Trust Access Flow
def zero_trust_access_flow():
    """Build and render a simplified Zero Trust access-flow diagram.

    Draws four nodes (user/device, authentication service, policy engine,
    resource) linked by three labelled edges, renders the graph to
    ``zero_trust_access_flow.png`` and returns the ``Digraph``.

    The diagram is a single forward pass. It has no separate enforcement
    point and no loop for re-evaluating access during a session, so it
    should be read as an overview rather than a complete architecture.
    """
    graph = Digraph(comment='Zero Trust Access Flow')

    # (node id, caption) in declaration order.
    labelled_nodes = [
        ('U', 'User/Device'),
        ('A', 'Authentication Service'),
        ('P', 'Policy Engine'),
        ('R', 'Resource'),
    ]
    for node_id, caption in labelled_nodes:
        graph.node(node_id, caption)

    # (tail, head, caption) for each step of the access decision.
    labelled_edges = [
        ('U', 'A', 'Request Access'),
        ('A', 'P', 'Verify Identity'),
        ('P', 'R', 'Grant Access if Approved'),
    ]
    for tail, head, caption in labelled_edges:
        graph.edge(tail, head, label=caption)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('zero_trust_access_flow', format='png')
    return graph

# Diagram 6: CIS Benchmark Structure
def cis_benchmark_structure():
    """Build and render a two-level tree for the CIS AWS Foundations Benchmark.

    The root node ``C`` links to four category nodes, and each category links
    to two example items. The graph is rendered to
    ``cis_benchmark_structure.png`` and the ``Digraph`` is returned.

    NOTE(review): the categories and items look like an illustrative
    selection rather than the benchmark's full section list. Verify them
    against the benchmark version being cited.
    """
    graph = Digraph(comment='CIS Benchmark Structure')
    graph.node('C', 'CIS AWS Foundations Benchmark')

    # Insertion order of this mapping is the order categories are drawn in.
    items_by_category = {
        'Identity and Access Management': ['MFA', 'Password Policies'],
        'Logging': ['CloudTrail', 'S3 Bucket Logging'],
        'Monitoring': ['CloudWatch Alarms', 'GuardDuty'],
        'Networking': ['VPC Configuration', 'Security Groups'],
    }

    for category, items in items_by_category.items():
        graph.node(category, category)
        graph.edge('C', category)
        for item in items:
            # The caption doubles as the node id, so an item name repeated
            # under two categories would collapse into one shared node.
            graph.node(item, item)
            graph.edge(category, item)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('cis_benchmark_structure', format='png')
    return graph

# Generate all diagrams
if __name__ == "__main__":
    # In a notebook kernel __name__ is "__main__", so this runs whenever the
    # cell is executed. Each builder writes its PNG as a side effect, and the
    # returned Digraph objects are discarded here.
    for build_diagram in (
        capital_one_attack_flow,
        british_airways_attack_flow,
        owasp_top_ten_wheel,
        aws_security_pillar_layers,
        zero_trust_access_flow,
        cis_benchmark_structure,
    ):
        build_diagram()

In [1]:
from graphviz import Digraph

def did_layers():
    """
    Render the Defense-in-Depth (DiD) layers as a chain:
    Monitoring → Data → Application → Network → Identity

    Writes ``did_layers.png`` and prints a confirmation line; returns None.
    With Graphviz's default top-to-bottom layout the chain is drawn as a
    vertical stack. The arrows show stacking order only, not a data flow or
    an order in which controls are evaluated.
    """
    graph = Digraph(comment='DiD Layers')

    layer_names = ['Monitoring', 'Data', 'Application', 'Network', 'Identity']

    # The node name is also its caption, so only the name is passed.
    for layer in layer_names:
        graph.node(layer)

    # Link each layer to the one listed after it.
    for upper, lower in zip(layer_names, layer_names[1:]):
        graph.edge(upper, lower)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('did_layers', format='png')
    print("Generated did_layers.png")

def zta_flow():
    """
    Render the Zero Trust Architecture (ZTA) access flow:
    User/Device → Authentication → Policy Engine → Resource

    Writes ``zta_flow.png`` and prints a confirmation line; returns None.
    The flow is drawn as a single pass without an enforcement point or a
    re-evaluation loop, so it is an overview rather than a full design.
    """
    graph = Digraph(comment='ZTA Access Flow')

    # The node name is also its caption, so only the name is passed.
    for participant in ('User/Device', 'Authentication', 'Policy Engine', 'Resource'):
        graph.node(participant)

    # (tail, head, caption) for each step of the access decision.
    labelled_steps = [
        ('User/Device', 'Authentication', 'Request Access'),
        ('Authentication', 'Policy Engine', 'Verify Identity'),
        ('Policy Engine', 'Resource', 'Grant Access'),
    ]
    for tail, head, caption in labelled_steps:
        graph.edge(tail, head, label=caption)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('zta_flow', format='png')
    print("Generated zta_flow.png")

def asa_cycle():
    """
    Render the Adaptive Security Architecture (ASA) cycle:
    Predict → Prevent → Detect → Respond → Predict (loop)

    Writes ``asa_cycle.png`` and prints a confirmation line; returns None.
    """
    graph = Digraph(comment='ASA Cycle')

    phases = ['Predict', 'Prevent', 'Detect', 'Respond']

    # The node name is also its caption, so only the name is passed.
    for phase in phases:
        graph.node(phase)

    # Pair each phase with its successor; rotating the list by one makes the
    # last phase point back to the first and closes the loop.
    successors = phases[1:] + phases[:1]
    for current, following in zip(phases, successors):
        graph.edge(current, following)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('asa_cycle', format='png')
    print("Generated asa_cycle.png")

def strategies_overlap():
    """
    Render how DiD, ZTA and ASA relate, as a three-node cycle:
    DiD → ZTA (Strict Access) → ASA (Adaptability) → DiD (Layered Defense)

    Writes ``strategies_overlap.png`` and prints a confirmation line;
    returns None. Each edge caption names what the edge contributes to the
    cycle. The diagram does not rank the strategies.
    """
    graph = Digraph(comment='Strategies Overlap')

    # The node name is also its caption, so only the name is passed.
    for strategy in ('DiD', 'ZTA', 'ASA'):
        graph.node(strategy)

    # (tail, head, caption) for each link of the cycle.
    labelled_links = [
        ('DiD', 'ZTA', 'Strict Access'),
        ('ZTA', 'ASA', 'Adaptability'),
        ('ASA', 'DiD', 'Layered Defense'),
    ]
    for tail, head, caption in labelled_links:
        graph.edge(tail, head, label=caption)

    # Writes the DOT source and the PNG relative to the working directory.
    graph.render('strategies_overlap', format='png')
    print("Generated strategies_overlap.png")

if __name__ == '__main__':
    # In a notebook kernel __name__ is '__main__', so this runs whenever the
    # cell is executed. Each builder writes its PNG and prints one line.
    for build_diagram in (did_layers, zta_flow, asa_cycle, strategies_overlap):
        build_diagram()

Generated did_layers.png
Generated zta_flow.png
Generated asa_cycle.png
Generated strategies_overlap.png


In [3]:
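# Pin the release so a re-run installs the same code that produced these
# results; 4.0.0 is the version this run's install log shows being resolved.
# %pip (rather than !pip) installs into the environment of the running kernel.
# Transitive dependencies are still resolved at install time. For stronger
# supply-chain assurance, install from a fully pinned requirements file with
# hashes (pip's --require-hashes mode).
%pip install mitreattack-python==4.0.0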

Collecting mitreattack-python
  Downloading mitreattack_python-4.0.0-py3-none-any.whl.metadata (6.9 kB)
Collecting colour (from mitreattack-python)
  Downloading colour-0.1.5-py2.py3-none-any.whl.metadata (18 kB)
Collecting deepdiff (from mitreattack-python)
  Downloading deepdiff-8.4.2-py3-none-any.whl.metadata (7.1 kB)
Collecting drawsvg>=2.0.0 (from mitreattack-python)
  Downloading drawsvg-2.4.0-py3-none-any.whl.metadata (19 kB)
Collecting loguru (from mitreattack-python)
  Downloading loguru-0.7.3-py3-none-any.whl.metadata (22 kB)
Collecting openpyxl (from mitreattack-python)
  Downloading openpyxl-3.1.5-py2.py3-none-any.whl.metadata (2.5 kB)
Collecting pooch (from mitreattack-python)
  Downloading pooch-1.8.2-py3-none-any.whl.metadata (10 kB)
Collecting stix2 (from mitreattack-python)
  Downloading stix2-3.0.1-py2.py3-none-any.whl.metadata (10 kB)
Collecting typer (from mitreattack-python)
  Downloading typer-0.15.2-py3-none-any.whl.metadata (15 kB)
Collecting orderly-set<6,>=5.3