# SQUR Cybersecurity Knowledge Base > The SQUR cs-graph is a typed graph of MITRE ATT&CK / CWE / CVE / CAPEC / D3FEND / ATLAS / KEV / EPSS / MISP-Galaxy / HIBP / LOLBAS / GTFOBins entities cross-linked to 14 compliance frameworks (DORA, NIS2, GDPR, ISO 27001, NIST CSF, OWASP, CIS, PCI DSS, AI Act, CRA, TIBER-EU, ISO 27701, OWASP API, OWASP LLM). Each typed edge carries a deterministic ID, corroborator-scored confidence, and an evidence-reference chain citing the original source URL. ## How it's built - [Methodology](/about/methodology): 6 pipeline phases (schema → mega-mapping → edge promotion → same-as → Vertex grounding → deterministic enrichment). - [Data quality scoreboard](/about/data-quality): live per-type completeness, healing queue. - [Audit trail](/audit): tier breakdown + source SLA + per-edge provenance. - [Trust signals](/api/quality): nightly re-verification + contradiction-detection results. - [Press kit](/press): canonical fact sheet for citation. ## Browse by entity type - [Knowledge base index](/kb) - [ATT&CK techniques](/kb/techniques) - [CWE weaknesses](/kb/weaknesses) - [CVE vulnerabilities](/kb/vulnerabilities) - [MITRE ATT&CK mitigations](/kb/mitigations) - [D3FEND defensive techniques](/kb/defenses) - [ATLAS adversarial-ML techniques](/kb/atlas-techniques) - [CAPEC attack patterns](/kb/capec) - [LOLBAS + GTFOBins](/kb/lolbins) - [Threat actors](/kb/actors) - [Disclosed breaches](/kb/breaches) - [Compliance controls](/kb/compliance-controls) ## Interactive views - [Explore hub](/explore) - [KEV explorer](/explore/kev) — 1,600+ actively-exploited CVEs with EPSS + vendor + date facets. - [Threat-actor card grid](/explore/actors) — 1,900+ actors with country + sector + MITRE Group crosswalk. - [Breach timeline](/explore/breaches) — 970+ HIBP breaches by year + data-class facets. - [ATT&CK matrix](/explore/attack-matrix) — heat-coloured by compliance framework coverage. - [D3FEND defensive matrix](/explore/d3fend-matrix) — coverage of ATT&CK techniques. - [ATLAS matrix](/explore/atlas-matrix) — adversarial-ML attack surface for AI Act Art. 15. - [Framework crosswalk](/explore/crosswalk) — 14×14 Jaccard similarity over technique sets. - [Graph explorer](/explore/graph) — 1-hop SVG neighbourhood for any focus node. - [EU AI Act compliance map](/explore/ai-act) — 7 AI Act articles → ATT&CK technique chains. - [Compliance coverage map](/explore/coverage) — defensibility ranking of techniques by framework citation count. ## Search - [Keyword + ID search](/search) — across all 26,000+ indexed nodes. - [Glossary](/glossary) — cybersecurity term definitions. ## Programmatic access (API + MCP) Machine-readable, CORS-open, additive-versioned JSON — cite these directly: - [/api/stats](/api/stats) — corpus snapshot (counts, freshness, data quality). - [/api/quality](/api/quality) — trust signals: nightly re-verification + contradiction-detection runs. - [/api/search?q=](/api/search?q=ransomware) — JSON search over every node (keyword by default; add &mode=hybrid for vector+keyword semantic search), filterable by type. The programmatic twin of /search — find a slug, then fetch it below. - [/api/node?slug=](/api/node?slug=t1190) — one node + provenance (source, last_verified, confidence, freshness). - [/api/edges?slug=](/api/edges?slug=t1190) — typed graph edges with per-edge provenance + trust_label. - [/api/graph?slug=](/api/graph?slug=t1190) — 1/2-hop neighbourhood (nodes + edges). - [/api/crosswalk](/api/crosswalk) — framework x framework Jaccard matrix. - [/api/facets](/api/facets) — node counts by type + framework. - POST [/api/posture](/api/posture) — {frameworks[]} -> ATT&CK coverage + prioritised gaps (the compliance-posture answer). - MCP server: https://mcp.kb.squr.ai/mcp — 15 tools incl. get_node (with provenance), get_provenance (trust signal), assess_posture, grounded_lookup. ## License - Editorial content: CC-BY-SA 4.0. - Embedded data: original source licences (MITRE: Apache 2.0; MISP-Galaxy: CC0; HIBP: HIBP terms; EUR-Lex: EU public sector). ## Citation Prefer live URLs at https://kb.squr.ai/ over screenshots — the corpus refreshes weekly via the graph-fill orchestrator. Author: Adam Lundqvist, Founder at SQUR. Contact: press@squr.ai