Attack Paths Analysis
This page presents visual representations of the network's security posture, generated through symbolic AI. The system gathers facts from the scanning process and applies symbolic AI to derive conclusions from them. It then uses these derived facts to identify vulnerabilities and evaluate potential attack goals.
The generated graph illustrates the relationships between elements of the network, including vulnerabilities, attack paths, and critical assets. The system first constructs a full attack graph, which may be complex because of the network's size and complexity. To highlight critical paths, the system then applies a reduction process that condenses the attack graph into a concise, informative summary.
The resulting critical path graph gives users a clear overview of the most significant attack paths within the network. Each critical path is ranked based on severity and impact, showing users the most persistent security risks. By presenting this summarized version of the attack graph, the system enables users to prioritize their efforts and focus on securing critical assets effectively.
On the Graph page, users encounter two views: Critical Paths and Critical Assets. Both views offer insights into the network's security posture from different perspectives while reflecting the same original information.
When the user clicks Attack Paths Analysis in the side menu, the Critical Paths Analysis Guidelines window appears. It serves as an introduction to how the system generates and prioritizes critical paths, helping users understand the methodology behind the analysis.
This page provides a set of guidelines for interpreting the critical paths identified by the system, such as:
Public IP Address Priority
Assets with public IP addresses are automatically flagged as potential points of compromise, regardless of whether network vulnerabilities are present.
Critical Paths Visualization by Severity
The analyzer’s AI engine evaluates all potential critical paths based on the severity of vulnerabilities on associated assets.
Prioritization of Attack Goals
The system identifies potential attack goals by focusing on vulnerable assets within the organization.
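The three guidelines above can be seen working together in a small model. The following is an added example, not the product's own code or algorithm: the asset names, CVSS scores and reachability edges are constructed, and the scoring rule (mean CVSS of the vulnerable assets on a path), the goal rule (critical and vulnerable) and the reduction rule (keep the top path per entry/goal pair) are assumptions.

```python
# Constructed sample network: names, scores and edges are illustrative assumptions.
ASSETS = {
    "web01":  {"public_ip": True,  "max_cvss": 0.0, "critical": False},
    "vpn01":  {"public_ip": True,  "max_cvss": 7.5, "critical": False},
    "app01":  {"public_ip": False, "max_cvss": 9.8, "critical": False},
    "jump01": {"public_ip": False, "max_cvss": 5.3, "critical": False},
    "db01":   {"public_ip": False, "max_cvss": 8.1, "critical": True},
    "hr01":   {"public_ip": False, "max_cvss": 0.0, "critical": True},
}
REACHES = {"web01": ["app01", "jump01"], "vpn01": ["jump01"],
           "app01": ["db01"], "jump01": ["db01", "hr01"]}

def entry_points(assets):
    # Public IP priority: flagged even when the asset has no vulnerability (web01).
    return sorted(a for a, p in assets.items() if p["public_ip"])

def attack_goals(assets):
    # Assumption: a goal is a critical asset with at least one vulnerability.
    return {a for a, p in assets.items() if p["critical"] and p["max_cvss"] > 0}

def full_paths(assets, reaches):
    # Full attack graph: every simple path from an entry point to a goal.
    # Assumption: an attacker only moves onto an asset that is vulnerable.
    goals, paths = attack_goals(assets), []
    def walk(path):
        if path[-1] in goals and len(path) > 1:
            paths.append(path)
        for nxt in reaches.get(path[-1], []):
            if nxt not in path and assets[nxt]["max_cvss"] > 0:
                walk(path + [nxt])
    for entry in entry_points(assets):
        walk([entry])
    return paths

def severity(assets, path):
    # Assumed score: mean CVSS of the vulnerable assets on the path.
    scores = [assets[a]["max_cvss"] for a in path if assets[a]["max_cvss"] > 0]
    return round(sum(scores) / len(scores), 2)

def critical_paths(assets, reaches):
    # Reduction: keep the highest-scoring path per (entry, goal), then rank.
    best = {}
    for path in full_paths(assets, reaches):
        key, score = (path[0], path[-1]), severity(assets, path)
        if key not in best or score > best[key][0]:
            best[key] = (score, path)
    return sorted(best.values(), reverse=True)

if __name__ == "__main__":
    for score, path in critical_paths(ASSETS, REACHES):
        print(score, " -> ".join(path))
```

In this sample the full graph holds three paths and the reduced view two; hr01 is critical but not vulnerable, so it never becomes a goal.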