Back to glossary

Attack Tree

A conceptual diagram that represents the various paths an attacker can take to achieve a specific goal or 'root' objective.

Categorysecurity

Overview

Attack trees are a visual way to model the security of a system from an attacker's perspective. The 'root' of the tree is the attacker's ultimate goal (e.g., 'Steal Customer Data'), and the 'leaves' are the specific actions or vulnerabilities they can exploit to get there.

Structure

  • Nodes: Represent sub-goals or actions.
  • AND nodes: All child actions must be successful for the parent goal to be achieved.
  • OR nodes: Any one of the child actions being successful will achieve the parent goal.

Use Cases

  • Identifying the most likely paths an attacker will take.
  • Evaluating the effectiveness of different security controls.
  • Communicating complex security risks to non-technical stakeholders.

Related Terms

Threat ModelingMITRE ATT&CK Framework