Skip to content

Add Backend Logic for Inserting Attack-Operator Nodes (Forks & Merges) #153

New issue
New issue
Open
Open
Add Backend Logic for Inserting Attack-Operator Nodes (Forks & Merges)#153
Labels
attack flow implementationImplementing the ability to generate attack flowsfeature requestNew feature or request
@KadeMorton

Description

@KadeMorton
KadeMorton
opened on Jul 19, 2025

What it is

Introduce logic to create attack-operator nodes in the backend whenever a fork or merge relationship is established in the flow.

Why it matters

  • Required for MITRE-compliant Attack Flow STIX bundles.
  • Helps represent logical junctions (AND/OR) in flow execution.

Requirements

  • When user creates:
    • Fork → insert attack-operator with type = AND by default
    • Merge → insert attack-operator with incoming edges
  • Automatically insert operator nodes if:
    • Multiple parents connect to a single child
  • Allow toggle of ANDOR operator type in backend metadata.

Acceptance Criteria

  • Operator nodes inserted programmatically as needed.
  • Operator type can be toggled (AND/OR).
  • Relationships between FlowNodes and operator nodes are maintained.

Metadata

Metadata

Assignees

No one assigned

    Labels

    attack flow implementationImplementing the ability to generate attack flowsfeature requestNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions