Researchers at the National Institute of Standards and Technology have figured out a new way to help IT administrators assess security risks using attack graphs and the National Vulnerability Database.
"We analyze all of the paths that system attackers could penetrate through a network and assign a risk to each component of the system," computer scientist Anoop Singhal said. "Decision makers can use our assigned probabilities to make wise decisions and investments to safeguard their network."
NIST notes that a hacker can take a number of routes through the network to find confidential data once inside the firewalls. The new technique evaluates each route and assigns a risk based on the level of difficulty for the hacker. Using an attack graph analysis, three potential attack paths are determined, and an attack probability is assigned for each path.
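The following sketch illustrates the idea of scoring attack paths and components. It is an added example, not NIST's code or model. The host names and step probabilities are constructed, and it assumes each attack step succeeds independently of the others.

```python
from itertools import product
from math import prod

# Constructed sample: GRAPH[a][b] = assumed probability that holding a yields b.
GRAPH = {
    "internet":    {"web_server": 0.8, "mail_server": 0.6},
    "web_server":  {"db_server": 0.5, "file_server": 0.9},
    "mail_server": {"file_server": 0.4},
    "file_server": {"db_server": 0.5},
}

def attack_paths(graph, source, target, path=None):
    """Yield every cycle-free attack path from source to target."""
    path = (path or []) + [source]
    if source == target:
        yield path
        return
    for nxt in graph.get(source, {}):
        if nxt not in path:          # never revisit a host
            yield from attack_paths(graph, nxt, target, path)

def path_probability(graph, path):
    """Probability that every step of one path succeeds (independent steps)."""
    return prod(graph[a][b] for a, b in zip(path, path[1:]))

def reachable(edges, source):
    """Hosts reachable from source over the given set of successful steps."""
    seen, stack = {source}, [source]
    while stack:
        node = stack.pop()
        new = {b for a, b in edges if a == node} - seen
        seen |= new
        stack.extend(new)
    return seen

def compromise_probability(graph, source):
    """Exact per-host risk; paths share steps, so path values cannot be summed."""
    edges = [(a, b, p) for a, nbrs in graph.items() for b, p in nbrs.items()]
    risk = {}
    for outcome in product([True, False], repeat=len(edges)):
        weight = prod(p if ok else 1 - p for (_, _, p), ok in zip(edges, outcome))
        live = [(a, b) for (a, b, _), ok in zip(edges, outcome) if ok]
        for host in reachable(live, source):
            risk[host] = risk.get(host, 0.0) + weight
    return risk

if __name__ == "__main__":
    for p in attack_paths(GRAPH, "internet", "db_server"):
        print(f"{path_probability(GRAPH, p):.2f}", " -> ".join(p))
    print(compromise_probability(GRAPH, "internet"))
```

In this constructed network the three paths to `db_server` score 0.40, 0.36 and 0.12, while the exact chance that the database is reached is lower than their sum because the paths overlap.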
For more:
- see this eWeek.com article [1]
Links:
[1] http://www.eweek.com/c/a/Government/NIST-Researchers-Develop-New-Technique-for-Assessing-Network-Security/