Visiting as Guest
Register  |  Log In

Risk Analyzer

Risk Analyzer introduces a new way to measure risk. Instead of calculating threats and vulnerabilities, risk is measured in hypothetical attacks, or attack scenarios. The enterprise defines the attack scenarios — a threat source and assets at risk from the threat — that matter most.

The old way of thinking was that risk was simply a product of our threats and vulnerabilities. But vulnerabilities have changed to only mean weaknesses in our software applications and operating systems. This definition that misses a crucial condition in evaluating risk: is the weakness exposed to the threat?

Risk Analyzer introduces a new way to measure risk. Instead of calculating threats and vulnerabilities, risk is measured in hypothetical attacks, or attack scenarios. The enterprise defines the attack scenarios — a threat source and assets at risk from the threat — that matter most. Example scenarios include: partners using a VPN to access ordering systems, geo-political threats wanting to deface corporate web messaging, and internal users direct access to financial data.

With your risk scenarios defined, the exposure to each can be measured by Risk Analyzer. The system's dashboard provides an overview of each scenario in terms of its access to assets and potential vulnerabilities.