How to Use Attack Tree Analysis to Prepare for an Ethical Hack
Attack tree analysis is the process of creating a flowchart-type mapping of how malicious attackers would attack a system. Attack trees are typically used in higher-level information risk analyses and by security-savvy development teams when planning out a new software project.
If you really want to take your ethical hacking to the next level by thoroughly planning your attacks, working very methodically, and being more professional to boot, then attack tree analysis is just the tool you need.
The only drawback is that attack trees can take considerable time to draw out and require a fair amount of expertise. Why sweat it, though, when you can use a computer to do a lot of the work for you? A commercial tool called SecurITree, by Amenaza Technologies Limited, specializes in attack tree analysis, and you may consider adding it to your toolbox.
A previous security risk assessment, vulnerability test, or business impact analysis may already have generated answers to the preceding questions. If so, that documentation can help identify systems for further testing. Failure Modes and Effects Analysis (FMEA) is another option.
Ethical hacking goes a few steps deeper than higher-level information risk assessments and vulnerability assessments. As an ethical hacker, you often start by gleaning information on all systems — including the organization as a whole — and then further assessing the most vulnerable systems. But again, this process is flexible.
Another factor that will help you decide where to start is to assess the systems that have the greatest visibility. For example, focusing on a database or file server that stores client or other critical information may make more sense — at least initially — than concentrating on a firewall or web server that hosts marketing information about the company.