What it is
The ATT&CK matrix as most people know it is a 2D grid — tactics across the top, techniques in each column. It's useful but flat. The relationships between techniques, the threat groups that use them, and the malware that implements them all collapse into footnotes and external links.
This explorer treats the full corpus as a 3D graph: tactics arc across the top, technique clouds hang below each one, sub-techniques sit just behind their parents, and threat groups and software float in back-planes with translucent arcs to the techniques they touch. Search and multi-dimensional filtering make intersections obvious — “persistence techniques on Linux that APT29 has used and Lazarus hasn't” becomes a few clicks instead of a spreadsheet query.
How to use it
Open the explorer. Drag to orbit, scroll to zoom. Search by technique name or ID (T1059, PowerShell) or threat group (APT29,Cozy Bear). Stack filters in the left sidebar to find intersections. Click any node to inspect its full info and pivot to related nodes.
Data: MITRE ATT&CK Enterprise v19.1, auto-refreshed monthly via GitHub Actions.