MITRE SAF™

Appearance

SAF Apps

heimdall Heimdall

The Heimdall© data visualization application that ingests security data from multiple security tools to create an aggregated view of the security posture for all components of a system stack. Users can examine individual findings for a deep dive on what actions are needed to secure the system.
heimdall Server Demoheimdall Lite Version View on GitHub Documentation Docker Hub npm Heimdall Pusher LambdaVisualize Icon Visualize
Dashboard View

Visualize Your Security Posture

Load data into Heimdall for easy sorting, filtering, and summarizing of your security results. Focus on information relevant to security assessments.
Visualize Your Security Posture
Data Aggregation

Aggregate Your Security Data

Heimdall automatically converts input security data into a common format (Heimdall Data Format). Unite all of your security scan output under a single pane of glass. Export your aggregated data into a multitude of common formats supporting assessments.
Aggregate Your Security Data
Detailed Analysis

Deep Dive Into Your Data

Use Heimdall to examine each control in your test suite in detail. Determine root causes of failures and see the exact test code that led to each result.
Deep Dive Into Your Data
Get Started

Deployment Options

Choose the deployment option that works best for your workflow.

Heimdall Server

Full-featured server application with database backend. Store results centrally, enable team collaboration, track compliance over time, and integrate with CI/CD pipelines. Ideal for enterprise security teams.

Try Demo → View Source → Documentation →

Heimdall Lite

Client-side visualization tool that runs entirely in your browser. No server required - upload HDF files directly for instant visualization. Perfect for individual security analysts or quick compliance checks.

Try Heimdall Lite → View Source →

Heimdall Pusher Lambda

A serverless AWS Lambda function that automatically pushes security scan results from S3 to a Heimdall server instance. Use it to bridge automated scanning pipelines with Heimdall visualization.

View Source →
Resources

Learn More About Heimdall

Source Code

View the complete source code, contribute features, or report issues on GitHub.

Documentation

Installation guides, API documentation, and usage examples.

Privacy PolicyManage Cookies

MITRE Security Automation Framework (MITRE SAF) is a trademark of The MITRE Corporation. Released under the Apache 2.0 License.

Copyright © 2026 The MITRE Corporation