Attack Path Risk Calculation
preview feature
Attack paths for Azure are currently in preview.
Path risk considers both the likelihood of a security breach and the potential impact of the breach.
Lacework calculates path risk by considering the following factors:
- The type of asset that is the target node of the attack path
- The types of other assets along the path, including hosts, container images, and Kubernetes services
- The individual risk scores of the other assets along the path
The relative ranking of an asset's potential impact from most impactful to least impactful:
- Admin privilege
- Cloud object storage (Amazon S3 bucket | Azure Blob Storage)
- Cloud databases (Amazon RDS | Google Cloud SQL | Azure Database)
- Host | Container image | Kubernetes service
The approach to calculating risk continues to evolve as Lacework incorporates additional factors into the modeling framework.