The old way of thinking was that risk was simply a product of our threats and vulnerabilities. But vulnerabilities have changed to only mean weaknesses in our software applications and operating systems. This definition that misses a crucial condition in evaluating risk: is the weakness exposed to the threat?
Risk Analyzer introduces a new way to measure risk. Instead of calculating threats and vulnerabilities, risk is measured in hypothetical attacks, or attack scenarios. The enterprise defines the attack scenarios — a threat source and assets at risk from the threat — that matter most. Example scenarios include: partners using a VPN to access ordering systems, geo-political threats wanting to deface corporate web messaging, and internal users direct access to financial data.
With your risk scenarios defined, the exposure to each can be measured by Risk Analyzer. The system's dashboard provides an overview of each scenario in terms of its access to assets and potential vulnerabilities.
Risk scenarios are defined and managed as threat sources and vulnerable assets. Risk Analyzer measures the exposure of those vulnerable assets to the threat source.
A more detailed presentation of exactly how each asset group is exposed is also provided. For each group, the assets are measured by the severity of the vulnerabilities that can be reached.
Once a scenario is defined, Risk Analyzer is going to start measuring the risk that is incurred based on the current network layout. At an overview level, that risk is defined by the total number of hosts, vulnerabilities and root vulnerabilities.
Risk scenarios provide the structure to manage your risk. Behind every scenario is a simulation of every possible attack path from that threat source to your assets. Known as attack graphs, Risk Analyzer's patented analysis engine generates the paths and provides direct analysis of how to reduce your risk.
Map of Attack Paths
Based on the risk scenario, the possible attack paths through the network are defined and overlaid on map. The map provides pan and zoom capabilities for further investigation.
Based on the path through the network and value of the assets that can be compromised, Risk Analyzer calculates and recommends those actions which will provide the greatest risk reduction.
Once recommendations have been identified, they can be virtually applied to the scenario. Risk Analyzer will immediately recalculate based on that patching, providing validation before the assets are patched.