Attack Tree Methodology (Continued)
Advantages of SecurITree's Capability-Based Attack Tree Approach
- Objective results - a clear, repeatable reasoning process is used to determine which threats are important. Distinguishes between the illusion of perceived risks and iceberg tips of actual risks.
- Defensible decisions - SecurITree captures the assumptions about the attacker's capabilities, the defenses protecting the asset and the impact of a successful attack. The logic that was used to make decisions can be reconstructed even when analysts' memories have faded. This makes it easier to defend decisions in times of trouble.
- Understandable presentations - graphical attack trees are easily understood by specialists and non-specialists alike. Attack trees are a compelling format for conveying the relevant information needed by management to make informed decisions.
- Identifies effective solutions - the attack tree structure makes it easy to see architectural defects in defenses. This leads to the construction of robust solutions that deliver the maximum bang for the buck. Since the analysis process identifies the weaknesses that your adversaries will exploit, your security resources are not squandered in protecting against hypothetical threats. The effect of proposed solutions can be tested before implementation.
- Adaptable to real world changes - Sudden changes in the environment can be quickly reflected in analysis. "What-if" thought experiments can be explored. Assumptions about the asset's defenses or the attacker's capabilities can be changed instantly as new information becomes available.
- Scalable and reusable - Once a basic model of a particular situation has been created, it can be used as a template for other, similar situations. The knowledge of experts is captured in attack tree libraries and can be reused by less specialized analysts. The skills of many diverse subject matter experts can be combined in one project.