Get a comprehensive view of all potential attack paths through your organization's assets to take proactive measures that strengthen your security posture.

Important
Important
This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.
Attack Path Prediction is a proactive approach to evaluating potential attack scenarios across discovered assets in your organization. Using real-time insights from an attacker’s perspective, you can better understand how threat actors might reach your critical assets and mitigate risks before the risks are exploited.
Attack Path Prediction analyzes issues detected in your organization's security posture, including: Analysis is performed using Attack Surface Risk Management core features, including:
  • Asset discovery, profiling, and criticality identification
    • Automatically identify assets in your environment
    • Assess asset criticality and interdependencies
    • Analyze vulnerabilities, misconfigurations, threat detections, security controls, and other risk factors
  • Asset relationships and asset risk graphs
    • Map connections and interactions between assets
    • Provide essential insights to support lateral movement analysis
The goal of analysis is to identify the three essential components of a potential attack path within your organization's environment:
  • Entry point assets: Vulnerable assets that attackers could use to gain access to your environment
  • Lateral movement paths: Collections of activities, actions, and permissions attackers could use to reach critical assets
  • Target point assets: High-value critical assets that represent desirable targets for attackers
The resulting predicted attack paths help you visualize exploitable vulnerabilities, misconfigurations, and insufficient security measures in your environment and enable prioritized, foresighted remediation efforts.
Note
Note
In some potential attack paths, the entry point and target point may be the same, which means a lateral movement path is not required.
Attack Path Prediction analyzes your assets and security posture daily. Displayed information is based on data collected over the last 30 days. Data for analysis comes from connected Trend Micro products and third-party data sources. For more comprehensive attack path analysis, connect more data sources.
When Attack Path Prediction identifies a potential attack path, an attack path risk event is generated in addition to the risk events detected on the associated assets. Multiple attack paths may share the same entry point, resulting in multiple attack path risk events. Attack path risk events affect your Cyber Risk Index. Trend Micro recommends eliminating entry point and attack path events through remediation to prevent abuse by attackers.
Attack Path Prediction displays the following information for each potential attack path identified.
Information
Description
Attack path risk score
Attack path risk scores are based on:
  • Likelihood of exploitation: The ease with which attackers could abuse the attack path and reach high-criticality assets, based on the risk scores of the associated assets. Riskier entry points and nodes along the attack path result in a higher likelihood of exploitation.
  • Impact: The impact that exploitation of the attack path could have on your organization, determined by the asset criticality of associated assets.
Only the highest score within each attack path group is displayed.
Entry point and target point
At-risk assets at the beginning and end of an attack path. Attack paths may only contain a single asset as both the entry and target point if the asset is highly critical and has a high risk score.
Entry point risk events
The number of risk events on the entry point that could facilitate the attack path. Click the number displayed to see a list of all entry point risk events for the attack path.
Attack path description
A description of the potential attack path, including:
  • Potential threat sources
  • Identified vulnerabilities in associated assets
  • Potential lateral movement relationships
  • Target asset type
Some descriptions are dynamically generated by AI and are unique to the attack path.
Remediation steps
Recommended remediation steps you can take to eliminate the attack path. Some descriptions are dynamically generated by AI based on the details of the specific attack path.