Using attack trees or graphs to understand potential attack scenarios and the "how-to" of an exploit.
Visualizing the sequence of steps (nodes and edges) an adversary might take, including entry points and lateral movement. plan of attack
Continuously mapping and testing all organizational assets for vulnerabilities. Using attack trees or graphs to understand potential
Identifying critical assets, mapping the attack surface, and discovering vulnerabilities. mapping the attack surface
Focusing on the highest-risk areas, such as choke points where multiple paths intersect.