What's Coming Next

ThreatMapper is functional and actively developed. Things currently on the roadmap:

TAXII/STIX import — accept threat intelligence directly from TAXII feeds (MISP, OpenCTI, commercial CTI platforms) so you can analyse structured intelligence without manual copy-paste.

Team collaboration — shared TTP layers with user namespacing; see who saved what and when.

Detection coverage overlay — import your existing SIGMA rule library and visualise which ATT&CK techniques you have coverage for vs which are blind spots. A "detection coverage" layer that you can compare against APT profiles.

Automatic APT tracking — when ATT&CK releases a new version that adds techniques to a group you're tracking, send a notification (webhook or email).

Contributing

The project is open source under the MIT licence.

GitHub: https://github.com/anpa1200/threatmapper
Issues and feature requests: open an issue on GitHub
Medium article: ThreatMapper: I Built a Self-Hosted AI Threat Intelligence Platform

Contributing​

Contributing