Model the system security risk by an attack tree
Poolsappasit, Nayot, author
Edwards, John, author
Ray, Indrajit, author
Traditional Vulnerabilities scanners only give a list of vulnerabilities of the systems. This one dimensional information does not give analysts the perception of how exploits can be chained together and form more complex attack scenarios. We are developing an automate tool that takes the list of vulnerabilities and generates all possible attack scenarios known to the current security intellectual in the form of an attack tree model.