0      0

SNAA2208 - Attack Tree-based Threat Modeling - Assessing & Mitigating Risk in an Objective Way

‐ Jun 15, 2022 1:50pm

Credits: None available.

Most cybersecurity technologies deal with the past (logs, forensics) or the present (network monitoring, intrusion detection, anti-virus). Although necessary, these approaches are inherently reactive. Attack tree-based threat risk analysis deals with the future. Customers working in critical defense and aerospace applications have long used attack tree analysis to ensure that their systems' architectures will withstand both present day and future attacks. In the attack tree analysis process, the analyst builds a graphical, mathematical model of the system they wish to protect, and descriptions of the system's adversaries. Analysis reveals the attacks the adversaries are most likely to use and the best countermeasures. It is especially applicable to industrial control system (ICS) security and an ICS example will be presented.

Learning Objectives:

  • Attendees will learn how attack tree models can help them identify and prioritize the controls that will be most beneficial for their systems.
  • Discover how attack tree models can predict how their system is most likely to be attacked.

How to Claim CPE for Recordings

  • Watch the entire video
  • Once the presentation concludes, click the "CE Information" tab underneath the video
  • Take the evaluation
  • Credit will be issued to member accounts within 10-business days as long as viewing time can be verified.


Credits: None available.