MITRE SAF

Appearance

MITRE SAFSecurity Automation Framework

Open source security testing and compliance automation toolkit

Get Started
View on GitHub
🎯

Plan

Identify and prioritize security requirements for your systems

🔒

Harden

Apply security baselines and hardening guidance automatically

Validate

Test and verify security compliance with InSpec profiles

📊

Normalize

Convert security results into standardized formats

📈

Visualize

View and analyze security posture with Heimdall

🤝

Collaborate

Share security content and collaborate with teams

Why SAF?

Streamline Security for Modern DevOps

The MITRE Security Automation Framework brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.
Built for Speed
Integrate security into CI/CD pipelines without slowing down delivery
Open Source
Community-driven tools and content validated by security experts
Standards-Based
Leverage STIGs, CIS Benchmarks, and industry frameworks
SAF Logo
Get Started

Ready to Automate Your Security?

Explore the framework pillars to find the tools and content you need.
Plan Icon

Start with Planning

Identify security requirements for your systems

Validate Icon

Browse Security Content

Find InSpec profiles and hardening guides

What is MITRE SAF?

The Security Automation Framework (SAF) is a comprehensive suite of open source tools and techniques for security automation, compliance validation, and continuous monitoring.

Quick Start

bash
# Install SAF CLI
npm install -g @mitre/saf

# Validate your system
saf validate threshold -i results.json

Community

Join our community to learn more and contribute:

Released under the Apache 2.0 License.

Copyright © 2025 The MITRE Corporation