Attack tree-based risk modeling – know how and where they will attack!
By clicking "Accept", you agree to the storing of cookies on your device to
enhance site navigation, analyze site usage, and improve marketing.
Hostile behavior can be predicted.
Attack tree-based threat modeling
Attack tree analysis has long been used in critical aerospace, intelligence and defense
applications. But the attack tree approach was not well know outside of these areas.
Some organizations attempted attack tree analysis using conventional drawing tools,
only to discover they are ill suited to the purpose.
Amenaza's SecurITree® modeling software
was purpose built for the task. Capable of
analyzing hundreds of thousands (or millions) of attack scenarios, SecurITree's powerful
analytic capabilities make analysis practical. Its ability to gauge the effect of
countermeasures before implementation is game changing.
To Act or to be Acted Upon?
Predictive Security Posture Management (PSPM) gives you the choice.
Which will you choose?
When Security Really Matters
Amenaza's PSPM modeling technology is used by leaders in:
Amenaza's SecurITree software is used extensively
by aerospace manufacturers for the analysis of avionics security (anti-tamper
protection) as well as ground-based IT support systems. SecurITree was used to
provide information assurance on the avionics of a major fighter jet project.
Six of the top ten U.S aerospace-defense companies use SecurITree. It is also
used by foreign allies.
Embedded and IoT Devices
Amenaza's SecurITree software has been used to analyze
the security and tamper resistance of a diverse set of embedded technologies. These range
from satellite TV decoders to point of sale terminal devices. A major reference work on
IoT Security (Practical Internet of Things Security, by Drew Van Duren and Brian Russell)
features screen shots from SecurITree in its chapter on attack tree threat modeling.
Few other fields require as stringent safety and
security measures as that of medical devices. Two of the world's largest medical
device manufacturers use Amenaza's SecurITree software models to assess and secure
their products. This includes laboratory / patient care equipment as well as devices
implanted in patients (such as pacemakers).
Control system operators in diverse fields use
Amenaza's SecurITree software models to analyze and secure their systems. As IT and
OT continue to converge, SecurITree's holistic view allows both types of systems to be
reviewed in a single model.
Infrastructure / Nuclear Power
Amenaza's SecurITree software models attacks
against pipelines, power grids and other critical infrastructure. One industry
body created extensive models of attacks against the bulk power system. SecurITree
is especially well suited for assuring that critical nuclear power security requirements
are met. The NRC Regulatory Guide 5.71 specifically mentions the importance of attack
tree analysis for nuclear power.
As automobiles become more intelligent and under computer
control the need for security becomes paramount. Amenaza's SecurITree is used for
security assurance of automobile control-by-wire systems, and for development of next
generation autonomous vehicles.
Amenaza's SecurITree was initially designed for the
security analysis of corporate IT systems. A library of pre-built attack trees related
to popular information technologies is available.
Amenaza's SecurITree project has been used for the
of rail security. Industry groups have created models to help understand how to better
protect critical transportation systems.
SecurITree continues to be the best
available tool for security risk
assessments on our military programs.
- Fortune 100 aerospace customer
An ancient Latin proverb counseled that forewarned is forearmed.
The behavior of adversaries can be predicted. Such knowledge enables defenders to
prevent attacks from ever happening.
Amenaza's attack tree-based SecurITree threat modeling software makes this possible and practical.
Amenaza in the News
Amenaza chosen as one of Canada's
Top 10 Risk Management Providers! Read more >