Why (and how) Google Cloud is adding attack path simulation to Security Command Center
As cloud environments scale and evolve based on changing business priorities, security teams may struggle to understand where their biggest risks are and where to focus their security controls. Some cloud security products have begun to incorporate attack path analysis to address this prioritization problem. Attack path analysis is a technique of discovering possible pathways that adversaries can take to access and compromise IT assets. A common approach in implementing attack path analysis is to produce a graph of all assets, and then query the map to discover possible exploit paths. While this may produce impressive-looking graphs, it requires the [...]