Generating attack graphs in agile security platforms

Generating attack graphs in agile security platforms

Implementations of the present disclosure include providing graph data defining a graph that is representative of an enterprise network, the graph including nodes and edges between nodes, each node representing an asset within the enterprise network, and each edge representing one or more lateral at...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hassanzadeh, Amin, Hadar, Eitan, O'Connor, Lisa
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Implementations of the present disclosure include providing graph data defining a graph that is representative of an enterprise network, the graph including nodes and edges between nodes, each node representing an asset within the enterprise network, and each edge representing one or more lateral attack paths between assets in the enterprise network, determining, for each node, an incoming value based on attributes of a set of incoming edges and an outgoing value based on attributes of a set of outgoing edges, the attributes including a number of edges and semantic types of the edges, at least one cardinality value of each node being determined based on one or more of the incoming value and the outgoing value of the node, receiving input representative of filter parameters, generating a sub-graph based on attributes of the nodes and the filter parameters, and displaying, by the visualization platform, the sub-graph in a display.