Merak Asset Threat Analysis Tool
Merak is a web-based threat analysis tool that aims to estimate a software system's asset threat landscape by leveraging external security data sources such as the National Vulnerability Database (NVD), MITRE's ATT&CK, and the Canadian Centre for Cyber Security (CCCS) Alerts and Advisories.
The Problem
Understanding the threat landscape for each asset in a system architecture requires cross-referencing multiple authoritative security data sources, a process that is manual and time-consuming and that requires deep security expertise.
The Solution
Merak was launched in September 2021 as part of the Compass toolkit, providing security analysts and system architects with an automated, data-driven view of their asset-level threat landscape.
Why It's Hard
Merak uses Natural Language Processing (spaCy) to process and correlate data from NVD, MITRE ATT&CK, and the Canadian Centre for Cyber Security. Built with Python, FastAPI, and NoSQL, and containerized with Docker, it surfaces relevant threats for each asset in a system design.
The Process
Discovery
Data Source Mapping
Identified and evaluated NVD, MITRE ATT&CK, and CCCS as authoritative threat intelligence sources for automated correlation.
- Source evaluation
- Data schema mapping
Architecture
NLP Pipeline & API Design
Designed an NLP pipeline using spaCy to correlate threat data, backed by a FastAPI service and NoSQL data store, containerized with Docker.
- NLP pipeline spec
- API design
- Database schema
Ship
Compass Toolkit Launch
Deployed Merak as part of the Compass toolkit in September 2021, providing security analysts with automated asset-level threat intelligence.
- Deployed tool
- Compass integration
Architecture
Web Interface
User Input (System Assets)
FastAPI Service
Python Backend
NLP Engine
spaCy Correlation
Threat Data Sources
NVD / MITRE ATT&CK / CCCS
How It Works
Input Assets
Enter the assets in your system architecture — components, services, or devices — into Merak's interface.
Correlate Threats
Merak's NLP engine cross-references your assets against NVD, MITRE ATT&CK, and CCCS to surface relevant threats automatically.
Review Landscape
Receive a data-driven threat landscape report for each asset, enabling informed security decision-making.
Techniques
- Threat Analysis
- Natural Language Processing
- Data-Driven Security Metrics
Technologies
- Python
- spaCy
- FastAPI
- NoSQL
- Docker
- Containerization