Attack Path Analysis
Overview
Attack Path Analysis connects individual findings, identities, and resources into the chains an attacker could actually follow. Instead of a flat list of issues, you see how an adversary moves from an initial foothold toward a high-value target — and which single fix breaks the most chains.
Key benefits
| Benefit | Capability | Business value |
|---|---|---|
| Real context | Graph-based path discovery | Fix exploitable chains, not isolated alerts |
| Sharp priorities | Feasibility and business-risk scoring | Effort goes to the paths that matter |
| Choke points | Identifies steps shared by many paths | One fix can break many attacks |
How it works
The graph model
RedCloud builds a graph of resources and identities and finds the routes between them, including a knowledge graph used for shortest-path reasoning. Each route is broken into discrete steps, mapped to MITRE ATT&CK tactics and techniques (see MITRE ATT&CK).
Privilege escalation & lateral movement
The engine models privilege-escalation steps and lateral movement across identities and services — for example, a service account that can be impersonated, then used to grant itself more access.
Toxic combinations
Some risks only emerge when several conditions line up (for example, a public resource plus an over-privileged identity plus a missing control). RedCloud detects these toxic combinations even when each individual finding looks benign.
Scoring
Each path receives a score that reflects feasibility (how reachable and exploitable the steps are) and business risk (the value of what’s at the end). A realism scorer and blast-radius analysis sharpen the ranking so the most dangerous, most achievable paths surface first.
Implementation / workflow
- Run a scan (a full profile gives the richest graph).
- Open Attack Analysis → Attack Paths (or Top Paths for the highest-scoring ones).
- Expand a path to see its steps, kill-chain stages, and MITRE mapping.
- Use the Path Narrative for a plain-language summary.
- Fix the shared choke-point steps first, then revalidate.
Best practices
- Prioritize steps that appear in many paths — they’re the highest-leverage fixes.
- Pair path analysis with Blast Radius to understand worst-case impact.
- Re-run after remediation to confirm the chain is broken.
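
The choke-point prioritization and revalidation described above, as an added example that is not RedCloud's code: it enumerates every simple path from the entry points to a target, counts how many paths each step lies on, then rediscovers paths with the most-shared step removed. The graph, node names, and function names are constructed assumptions for illustration.

```python
from collections import Counter

# Constructed sample graph (illustrative names): node -> nodes reachable in one step.
GRAPH = {
    "public-vm": ["sa-build"],
    "public-bucket": ["sa-build"],
    "leaked-key": ["sa-deploy"],
    "sa-build": ["sa-deploy"],          # impersonation step
    "sa-deploy": ["role-admin", "db-prod"],
    "role-admin": ["db-prod"],
    "db-prod": [],
}
ENTRY_POINTS = ["public-vm", "public-bucket", "leaked-key"]
TARGET = "db-prod"


def find_paths(graph, start, target, seen=()):
    """Yield every simple (cycle-free) path from start to target."""
    if start == target:
        yield (*seen, start)
        return
    for nxt in graph.get(start, []):
        if nxt != start and nxt not in seen:
            yield from find_paths(graph, nxt, target, (*seen, start))


def all_paths(graph, entries, target):
    return [p for e in entries for p in find_paths(graph, e, target)]


def choke_points(paths):
    """Count how many paths each step (edge) lies on, most shared first."""
    return Counter(s for p in paths for s in set(zip(p, p[1:]))).most_common()


def paths_after_fix(graph, entries, target, step):
    """Revalidate: rediscover paths with one step removed from the graph."""
    patched = {n: [m for m in out if (n, m) != step] for n, out in graph.items()}
    return all_paths(patched, entries, target)


if __name__ == "__main__":
    paths = all_paths(GRAPH, ENTRY_POINTS, TARGET)
    for (src, dst), n in choke_points(paths):
        print(f"{src} -> {dst}: on {n} of {len(paths)} paths")
    top = choke_points(paths)[0][0]
    left = paths_after_fix(GRAPH, ENTRY_POINTS, TARGET, top)
    print(f"after fixing {top[0]} -> {top[1]}: {len(left)} paths remain")
```

In this sample the most-shared step breaks four of six paths but leaves two through `leaked-key`, which is why the revalidation pass matters: the remaining paths need their own fix.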