I work on the team developing VECTR at Security Risk Advisors. VECTR is a tracking and reporting tool for information security testing activities. It supports MITRE ATTACK Framework methodology plus additional industry metrics. From the heatmap to historical trending users have access to different views for analyzing the results of testing activities. The intended audience is mature organizations performing or contracting regular red team or purple team activities. However, it’s flexible enough to work for smaller teams just getting started. I believe anyone seeking to measure their organization’s defensive response over time can benefit from VECTR.
We have documentation here https://docs.vectr.io/