Primitives
Overview of Primitives in Method Platform.
Environments
An Environment is a logical and secure container for credentials, data, and context. Environments can be made at the organization level (e.g. ACME Co.), for various environments (e.g. prod vs. staging), or for business units. How to segment Environments is a user administration decision.
Ontology (Data)
The Ontology is a data knowledge graph of objects and links. Method Platform is built on a strongly typed data model that allows users and AI alike to better leverage information.
Jackals
A Jackal in Method Platform is a security agent that is either deployed or cloud-managed, and that can execute Tools that perform security actions and retrieve data. These security agents do not need to be deployed on every host. Beyond the cloud-managed Jackals, deployment depends on the desired use cases and visibility.
Tools
A Tool is an atomic security action in Method Platform. That security action may wrap an API (e.g. AWS), a scanner (e.g. Nessus), or some custom security CLI. Importantly, there is not a single Tool for large security integrations like AWS or Okta. These integrations are decomposed into many small atomic Tools like “Enumerate AWS EC2 Instances”. This gives users fine-grained control over inputs and outputs, and thus an increase in performance.
Under the hood, every Tool in Method Platform leverages a CLI app, all of which Method Security has open sourced.
Tasks
A Task represents a discrete workflow performable in Method Platform. Tasks can be built and run on the fly in Operator or saved and scheduled. Tasks use Agents to execute and orchestrate Tools.
Test Cases
Test Cases are an opinionated wrapper around Tasks that let you assert whether the output looks as you expect by classifying runs as successful or failed, so you can easily monitor your scheduled Task runs. Test Cases allow you to take a Task, put it on a schedule, automatically assess whether the returned objects look as you expect, and notify you accordingly.
Operations
An Operation is a coordinated sequence of security actions performed against a target. Operations are meant to accomplish a goal that is either investigative or offensive in nature. They can be performed with or without initial access, and can contain multiple parallel streams of work. Run an Operation to conduct a red team mission, a training exercise, or simply a live search of your environment.