Get a comprehensive view of all potential attack paths through your organization's assets to take proactive measures that strengthen your security posture.
![]() |
ImportantThis is a "Pre-release" feature and is not considered an official release. Please
review the
Pre-release disclaimer
before using the feature.
|
Attack Path Prediction is a proactive approach to evaluating potential attack scenarios
across discovered assets in your organization. Using real-time insights from an attacker’s
perspective, you can better understand how threat actors might reach your critical
assets and mitigate risks before the risks are exploited.
Attack Path Prediction analyzes issues detected in your organization's security posture,
including:
-
Asset discovery, profiling, and criticality identification
-
Automatically identify assets in your environment
-
Assess asset criticality and interdependencies
-
-
-
Analyze vulnerabilities, misconfigurations, threat detections, security controls, and other risk factors
-
-
Asset relationships and asset risk graphs
-
Map connections and interactions between assets
-
Provide essential insights to support lateral movement analysis
-
-
Entry point assets: Vulnerable assets that attackers could use to gain access to your environment
-
Lateral movement paths: Collections of activities, actions, and permissions attackers could use to reach critical assets
-
Target point assets: High-value critical assets that represent desirable targets for attackers
The resulting predicted attack paths help you visualize exploitable vulnerabilities,
misconfigurations, and insufficient security measures in your environment and enable
prioritized, foresighted remediation efforts.
![]() |
NoteIn some potential attack paths, the entry point and target point may be the same,
which means a lateral movement path is not required.
|
Attack Path Prediction analyzes your assets and security posture daily. Displayed
information is based on data collected over the last 30 days. Data for analysis comes
from connected Trend Micro products and third-party data sources. For more comprehensive
attack path analysis, connect more data sources.
When Attack Path Prediction identifies a potential attack path, an attack path risk
event is generated in addition to the risk events detected on the associated assets.
Multiple attack paths may share the same entry point, resulting in multiple attack
path risk events. Attack path risk events affect your Cyber Risk Index. Trend Micro
recommends eliminating entry point and attack path events through remediation to prevent
abuse by attackers.
Attack Path Prediction displays the following information for each potential attack
path identified.
Information
|
Description
|
Attack path risk score
|
Attack path risk scores are based on:
Only the highest score within each attack path group is displayed.
|
Entry point and target point
|
At-risk assets at the beginning and end of an attack path. Attack paths may only contain a single asset as both the entry and target point if the asset is highly critical and has a high risk score. |
Entry point risk events
|
The number of risk events on the entry point that could facilitate the attack path. Click the number displayed to see a list of all entry point risk events for the attack path. |
Attack path description
|
A description of the potential attack path, including:
|
Remediation steps
|
Recommended remediation steps you can take to eliminate the attack path. Some descriptions are dynamically generated by AI based on the details of the specific attack path. |