Attack Path Prediction | Trend Micro Service Central

Views:

Get a comprehensive view of all potential attack paths through your organization's assets to take proactive measures that strengthen your security posture.

Important

This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release disclaimer before using the feature.

Attack Path Prediction offers a holistic view of all potential attack paths across discovered assets in your organization. Using real-time insights from an attacker’s perspective, you can better understand how threat actors might reach your critical assets. This proactive approach enables you to strengthen your defenses and mitigate risks before they are exploited.

Attack Path Prediction analyzes assets and asset relationships and identifies potential attack paths based on detected risk events on at-risk entry points. Analysis is performed daily. Data for analysis comes from connected Trend Micro Products and third-party data sources. For more comprehensive attack path analysis, connect more data sources.

When Attack Path Prediction identifies a potential attack path, an attack path risk event is generated in addition to the risk events detected on the associated assets. Multiple attack paths may share the same entry point, resulting in multiple attack path risk events. Attack path risk events affect your Risk Index. Trend Micro recommends eliminating attack path events through remediation to prevent abuse by attackers.

Note

Attack Path Prediction displays information based on data collected over the last 30 days.

The following information is displayed for each potential attack path identified.

Information	Description
Attack path risk score	The attack path risk score is calculated based on: Likelihood of exploitation: The ease with which attackers could abuse the attack path and reach high-criticality assets, based on the risk scores of the associated assets. Riskier entry points and nodes along the attack path result in a higher liklihood of exploitation. Impact: The impact that exploitation of the attack path could have on your organization, determined by the asset criticality of associated assets. Only the highest score within each attack path group is displayed.
Entry and target point	The at-risk assets at the beginning and end of the attack path. Attack paths may only have a single asset as both the entry and target point if the asset is highly critical and has a high risk score.
Entry point risk events	The number of risk events on the entry point that could facilitate the attack path. Click the number displayed to see a list of all entry point risk events for the attack path.
Attack path description	A description of the potential attack path, including Potential threat sources Identified vulnerabilities in associated assets Potential lateral movement relationships Target asset type Some descriptions are dynamically generated by AI and are unique to the attack path.
Remediation options	Recommended remediation steps you can take to eliminate the attack path. Some descriptions are dynamically generated by AI based on the details of the specific attack path.