Skip to main content

Attack Routes in the Mitigation Graph

Understand how attack routes illustrate threats to your business assets and help prioritize remediation.

Updated over 5 months ago

Overview

This article explains how Hyver's mitigation graph visualizes attack routes — the potential paths an attacker could take to reach your organization’s business assets. You'll learn how these routes are constructed, what they represent, and how to view them in the platform.

Understanding attack routes is key to spotting where your defenses are weakest — and where remediation efforts will make the most impact.

What Are Attack Routes?

Attack routes are visual paths in the mitigation graph that represent how an attacker could progress from a threat source to one or more business assets.

Each route is composed of a sequence of edges (lines), starting from the left (threat source) and moving toward the right (business assets). The route can include multiple positions in between — each corresponding to an asset or vulnerability that could be leveraged during the attack.

These routes reflect actual findings discovered through penetration testing and assessments.

What’s Shown in the Graph

  • The mitigation graph includes all attack routes generated based on the real security posture of the organization during a specific engagement.

  • Each route reflects a possible scenario where an attacker could exploit vulnerabilities to breach one or more business assets.

  • Findings are only shown if they are open or active.

    • Fixed findings are hidden by default to keep the view focused on current risks.

The graph is dynamically updated to reflect only the findings relevant to the currently selected engagement.

How to View the Graph

  1. Click the Mitigation Graph button in the left navigation bar.

  2. The graph will display the mapped attack routes relevant to the selected engagement:

You’ll see threat sources like external attackers or third-party partners on the left, and business-critical targets like customer information or employee information on the right. Routes between them represent potential paths of compromise.

Wrap-up / Next Steps

Attack routes show you exactly how an attacker might move through your environment — and where you can intervene to stop them. It’s a powerful way to turn findings into an actionable risk picture.

Next, explore how findings and positions work within these routes or learn how to create and manage routes in your own graph.

Related Articles
Mitigation Graph Overview
Mitigation Graph Components
Working with Positions in the Mitigation Graph
Creating a Mitigation Graph
Tips for Building Attack Routes
Did this answer your question?