Attacks Attacks

Attacks

Attack Page Documentation

The Attack page provides a comprehensive view of potential attack paths and MITRE ATT&CK® techniques that could affect your organization. This feature helps you understand, visualize, and assess various attack vectors and defense levels.

Overview

The Attack page consists of two main sections accessible via tabs:

  • Attack Paths: Visual representations of potential attack sequences
  • MITRE Attacks: Detailed mapping of MITRE ATT&CK® techniques and their implementation status

Attack Paths View

The Attack Paths view displays interactive diagrams showing how attackers might move through your systems. Each path consists of assets (represented as circles) and techniques (represented as rounded rectangles) connected by lines.

Key Components

  • Assets: Represented by circular nodes with an icon <screenshot suggestion: zoomed in view of an asset node>
  • Techniques: Shown as rounded rectangles with technique IDs/names
  • Connections: Lines showing relationships between assets and techniques

Defense Levels

Each technique in the attack path is color-coded to indicate its defense status:

  • Tested (Gray)
  • Undetected (Red)
  • Logged (Orange)
  • Alerted (Yellow)
  • Detected (Blue)
  • Responded (Purple)
  • Prevented (Green)

Working with Attack Paths

Viewing Attack Paths

  1. Select an attack path from the dropdown at the top of the view
  2. Use the mouse to pan and zoom around the diagram
  3. Click on nodes to see more details
  4. Use the controls in the bottom right to:
    • Reset the view
    • Zoom in/out
    • Fit the view to screen

Managing Attack Paths

Attack paths are created and maintained by the Praetorian team to document how Praetorian security engineers proved compromise during assessments. These paths demonstrate real-world attack scenarios and techniques that were successfully executed against your environment.

Additional Features

  • Download as PNG: Export the current attack path as an image
  • Resizable View: Drag the bottom edge to adjust the view height
  • Node Details: Hover over nodes to see additional information

MITRE Attacks View

The MITRE Attacks view provides a comprehensive overview of all MITRE ATT&CK® techniques organized by tactics.

Components

  • Tactics Column: Lists all MITRE tactics
  • Techniques Grid: Shows techniques for the selected tactic
  • Defense Levels: Color-coded indicators showing implementation status

Using the MITRE View

  1. Select a tactic from the left column to view associated techniques
  2. Click on any technique to:
    • View detailed information
    • See its current defense level
    • Access the official MITRE documentation (opens in new tab)

Defense Level Indicators

The same color coding used in Attack Paths applies here:

  • Column shows current defense level
  • Last run timestamp indicates when the defense was last tested
  • Techniques link to detailed MITRE documentation

Tips and Best Practices

  • Regularly review attack paths for accuracy and completeness
  • Update defense levels as new controls are implemented
  • Use the MITRE view to ensure comprehensive coverage of attack techniques
  • Document assumptions and decisions in technique configurations
  • Export attack paths for documentation and review purposes

Notes

  • Some features may require administrative privileges
  • Attack paths are automatically saved after modifications
  • All changes are logged for audit purposes
  • Defense levels should be validated through testing where possible

Articles in this section