Coverage Analyzer Documentation

Overview

The Coverage Analyzer is a Streamlit-based dashboard application that provides comprehensive analysis of security coverage using the Stellar Cyber API and MITRE ATT&CK framework. The application helps security teams understand their current detection coverage and simulate potential improvements through additional data sources.

Installation Options

Manual Python
- Requires Python 3.10+
- Can be installed locally and run locally. uv or pip used to install dependencies.
Docker Container
- Platform independent
- Supports both arm64 and amd64
- Ideal for cloud deployments

See the Installation Guide for detailed instructions.

Architecture

graph TD
    A[User Interface] --> B[StreamlitCoverageAnalyzer]
    B --> C[StellarCyberAPI]
    B --> D[StellarMitre]
    C --> E[Stellar Cyber Platform]
    D --> F[MITRE ATT&CK]

Core Components

Component	Description
StellarCyberAPI	Handles all Stellar Cyber API interactions
StellarMitre	Manages MITRE ATT&CK framework integration
StreamlitCoverageAnalyzer	Core application logic and analysis
UI Components	Dashboard layout and interactive elements
App	Main application entry point and state management

Getting Started

Clone repository

git clone https://github.com/stellarcyber/detection_coverage_app.git
cd detection_coverage_app

Run with uv

uv run coverage-analyzer

or

uv run run.py

or

uv run streamlit run app.py

Install as a CLI tool

uv tool install --editable ./

When completed, you can run the app from anywhere in your terminal (not just within the project directory):

coverage-analyzer

or (for headless environments)

coverage-analyzer --headless

Configuration

Environment Variables

Variable	Description	Required
`STCA_COOKIES_PASSWORD`	Cookie encryption password	No

Contributing

Fork the repository
Create a feature branch
Make your changes
Submit a pull request