Attack Path Modelling (APM)
Melanie Somiah, Senior Manager, Omnia AI
Advancements in the tactics, techniques and procedures (TTPs) used by threat actors have required organizations to evolve how they approach threat
management and, ultimately, the security of their organization. Threat actors are constantly breaching networks thought to be secure, and organizations
are increasingly viewed as reactive. Attackers typically start by compromising an internet-facing host with lower levels of defenses. Upon successful
compromise, an attacker uses their access to progressively exploit and compromise other, more critical systems until their target is reached, often sensitive
data or crown jewels.
As such, Omnia AI has developed Attack Path Modelling, a tool that enables proactive determination of potential methods of intrusion using a variety of data
sets, not just vulnerability information.
Attack Path Modelling
Attack Path Modelling (APM) will allow organizations to become
more proactive in their strategy and increase their ability to stop
attacks even before they occur. APM provides this in a visual
manner, illustrating asset connectivity, vulnerability and risks to
identified critical assets through current-state and scenario-based
analysis. Additionally, it gives context to the visual risk
exposure through a view of asset-specific and overall risk scores, which
can aid in strategic decision making.
APM leverages artificial intelligence to drive its recommendation
engine which provides a variety of options for remediation and
risk mitigation while showing how each action, if executed,
affects your risk score.
Attack Path Modelling leverages data sets such as external threat data,
vulnerability and network topology data to provide organizations:
• Ability to quantify potential risks to assets based on contextual
analysis of known vulnerabilities and system interdependencies
• Identification of vulnerable entry points which might be used to
gain access to a client's network
• Prediction of an attack path an attacker might use to traverse the network
• Prioritization of remediation strategy through risk ranking
• Ability to develop simulated attack path models through
Why Neo4J for APM?
• Most APM functionality relies on extensive relationship traversing through the database. Neo4J
makes these queries easy to express and provides superior performance in comparison to
• Neo4J/cypher presents an intuitive approach to data storage and query, simplifying
• Proven performance in industrial environments, with documented capability on huge graph
databases with over a billion nodes.
• Rock-solid reliability for mission-critical production applications
• Strong community support
• Tools available to sync Neo4J with other databases such as MongoDB
Become more proactive in your strategy and increase the ability to stop attacks
even before they occur. APM provides this in a visual manner, illustrating asset
connectivity, vulnerability, and risks to identified critical assets through current-state
and scenario-based analysis.
Leverage AI to drive recommendations that provide a variety of options for
remediation and risk mitigation while showing how each action affects your risk score.
[Figure: Attack Path Modelling. Capability labels, partially recoverable:]
• path models through
• a remediation strategy through risk ranking
• an attack path an attacker might use to traverse the network
• assets leading to increased risk exposure to an attack
• vulnerable entry points which might be used to gain access to a network
Discover a new level of cyber protection
Smart. Informed. Nimble. Connected.
Omnia AI, Deloitte’s Artificial Intelligence practice, takes a holistic approach to the insider threat challenge,
leveraging advanced analytics, machine learning and cognitive technologies to solve the most complex problems
for organizations. Our approach is simple. We work with you to bring you the most value based on available data
first, then take you on the journey to expand the capability. To do this, we bring industry context, experience and
a unique skill set.
Strengthen your Risk Profile
For more information, contact Dina Kamal (Partner, AI Risk)
+1 (416) 775-7414
Leverage internal and external data of reactive and
integrated risk-monitoring inputs to warn of emerging
threats and areas of vulnerability in near real-time
Enable actionable intelligence by prioritizing follow-up
actions such as pushing updates, patching, quarantining,
etc. for vulnerable assets which fall on the path of least
Data analytics powered by advanced machine
learning algorithms maps threat scenarios, attack
signatures and vulnerabilities to recommended
actions on security controls, with the ability to
perform conditional what-if analyses.