Hostile behavior can be predicted.
Attack tree-based
threat modeling for
Risk and Predictive
Analytics
Are you not seeing useful results from your current risk assessment processes? Do they seem like time consuming exercises in navel gazing – with few actionable results? Attack tree-based risk analysis predicts how adversaries will attack your systems – and reveals the impacts the attacks will have!
- Knowing how your adversaries will attack enables you to create effective defenses
- The effectiveness of proposed controls can be tested (before costly implementation)
- Attack tree models provide a rational basis for security choices (and justify them to the Board)
So, if attack tree analysis is so great, why isn't everyone doing it? Simply put, manually constructing attack trees and analyzing the hundreds of thousands of paths an attacker might take is not feasible. Amenaza's SecurITree® threat modeling software was specifically created to make the power of attack tree-based threat and risk modeling accessible to all.
Attack tree analysis has long been used in critical aerospace, intelligence and defense applications. Amenaza SecurITree's analytic capabilities make analysis practical for operators and designers of IT, OT, IOT and embedded systems. Amenaza's onsite training courses allow analysts to feel confident that the models they create accurately reflect the systems they are charged with protecting. Isn't it time for you to get ahead of your adversaries?
When getting attacked is just not an option – you've got to get it right!
Think like an attacker!
SecurITree's threat models enable predictive Security Posture Management (SPM).
Predictive Security Posture Management allows cyber attacks to be predicted.
Knowing how you will be attacked allows you to prevent the attack from ever
happening (or mitigate the effects thereof).
Outsmart your adversaries.
Stay one step ahead!
Stay one step ahead!
SecurITree continues to be the best
available tool for security risk
assessments on our military programs.
available tool for security risk
assessments on our military programs.
- Fortune 100 aerospace customer
When Security Really Matters
Amenaza's Predictive SPM modeling technology is used by leaders in:
Aerospace
Amenaza's SecurITree software is used extensively
by aerospace manufacturers for the analysis of avionics security (anti-tamper
protection) as well as ground-based IT support systems. SecurITree was used to
provide information assurance on the avionics of a major fighter jet project.
Six of the top ten U.S aerospace-defense companies use SecurITree. It is also
used by foreign allies.
Embedded and IoT Devices
Amenaza's SecurITree software has been used to
analyze
the security and tamper resistance of a diverse set of embedded technologies. These range
from satellite TV decoders to point of sale terminal devices. A major reference work on
IoT Security (Practical Internet of Things Security, by Drew Van Duren and Brian Russell)
features screen shots from SecurITree in its chapter on attack tree threat modeling.
Medical Devices
Few other fields require as stringent safety and
security measures as that of medical devices. Two of the world's largest medical
device manufacturers use Amenaza's SecurITree software models to assess and secure
their products. This includes laboratory / patient care equipment as well as devices
implanted in patients (such as pacemakers).
Operational Technology
Control system operators in diverse fields use
Amenaza's SecurITree software models to analyze and secure their systems. As IT and
OT continue to converge, SecurITree's holistic view allows both types of systems to be
reviewed in a single model.
Infrastructure / Nuclear Power
Amenaza's SecurITree software models attacks
against pipelines, power grids and other critical infrastructure. One industry
body created extensive models of attacks against the bulk power system. SecurITree
is especially well suited for assuring that critical nuclear power security requirements
are met. The NRC Regulatory Guide 5.71 specifically mentions the importance of attack
tree analysis for nuclear power.
Auto Manufacturing
As automobiles become more intelligent and under computer
control the need for security becomes paramount. Amenaza's SecurITree is used for
security assurance of automobile control-by-wire systems, and for development of next
generation autonomous vehicles.
Information Technology
Amenaza's SecurITree was initially designed for the
security analysis of corporate IT systems. A library of pre-built attack trees related
to popular information technologies is available.
Transportation
Amenaza's SecurITree project has been used for the
analysis
of rail security. Industry groups have created models to help understand how to better
protect critical transportation systems.
When Security Really Matters
Amenaza's PSPM modeling
technology is used by leaders in:
Aerospace
Amenaza's SecurITree software is used extensively
by aerospace manufacturers for the analysis of avionics security (anti-tamper
protection) as well as ground-based IT support systems. SecurITree was used to
provide information assurance on the avionics of a major fighter jet project.
Six of the top ten U.S aerospace-defense companies use SecurITree. It is also
used by foreign allies.
Embedded and IoT Devices
Amenaza's SecurITree software has been used to
analyze
the security and tamper resistance of a diverse set of embedded technologies. These range
from satellite TV decoders to point of sale terminal devices. A major reference work on
IoT Security (Practical Internet of Things Security, by Drew Van Duren and Brian Russell)
features screen shots from SecurITree in its chapter on attack tree threat modeling.
Medical Devices
Few other fields require as stringent safety and
security measures as that of medical devices. Two of the world's largest medical
device manufacturers use Amenaza's SecurITree software models to assess and secure
their products. This includes laboratory / patient care equipment as well as devices
implanted in patients (such as pacemakers).
Operational Technology
Control system operators in diverse fields use
Amenaza's SecurITree software models to analyze and secure their systems. As IT and
OT continue to converge, SecurITree's holistic view allows both types of systems to be
reviewed in a single model.
Infrastructure / Nuclear Power
Amenaza's SecurITree software models attacks
against pipelines, power grids and other critical infrastructure. One industry
body created extensive models of attacks against the bulk power system. SecurITree
is especially well suited for assuring that critical nuclear power security requirements
are met. The NRC Regulatory Guide 5.71 specifically mentions the importance of attack
tree analysis for nuclear power.
Auto Manufacturing
As automobiles become more intelligent and under computer
control the need for security becomes paramount. Amenaza's SecurITree is used for
security assurance of automobile control-by-wire systems, and for development of next
generation autonomous vehicles.
Information Technology
Amenaza's SecurITree was initially designed for the
security analysis of corporate IT systems. A library of pre-built attack trees related
to popular information technologies is available.
Transportation
Amenaza's SecurITree project has been used for the
analysis
of rail security. Industry groups have created models to help understand how to better
protect critical transportation systems.
See video interview of Amenaza's president Terry Ingoldsby
with industry luminary
Dr. Edward Amoroso
Dr. Edward Amoroso
Amenaza in the News
Security risk analysis using attack trees with Terry Ingoldsby
(Caffeinated Risk - McCreight & Leece)
Listen >
Engineering-grade OT Security - A Manager's Guide
by Andrew Ginter
See Chapter 6
Get Waterfall book >
Security risk analysis using attack trees with Terry Ingoldsby
(Caffeinated Risk - McCreight & Leece)
Listen >
Engineering-grade OT Security - A Manager's Guide
by Andrew Ginter
See Chapter 6
Get Waterfall book >
Copyright © 2025 Amenaza Technologies Limited. All rights reserved.