Industry Attack Graph Overview

A strategic overview of the Industry Attack Graph—how it models sector-wide threats and overlays your organizational findings to reveal end-to-end attack paths.

Overview

The Industry Attack Graph is a system-generated modeling tool that predicts potential attack routes to your Business-Critical Assets (BCAs). It utilizes industry-sector threat intelligence to visualize risk even before an organization-specific assessment is conducted.


From Industry Benchmarks to Organizational Risk

The graph is designed to be immediately functional, providing visibility that matures alongside your data:

  • Predictive Baseline: When no organizational findings are available, the graph renders a blueprint of common attacker routes targeting your specific industry sector.

  • Mixed Reality: As findings are added via manual input or integrations, the platform layers weaknesses onto the industry paths.

  • Automated Modeling: The Industry Attack Graph uses system‑generated modeling to build and re-evaluate attack routes. These paths are automatically updated as industry-wide data evolves.


Two Graphs, Two Approaches

Industry Attack Graph
Immediate and continuously updated. Uses factual findings, but the routes are system-generated. Valuable for early visibility and continuous monitoring.

Org. Attack Graph
Represents attack paths tailored to your own environment. It is built from organizational findings collected through expert-led assessments, manual uploads, and integrations.

Together, these graphs help you visualize how your findings could be exploited as part of an attack — and prioritize which issues to mitigate first. This visibility also supports clearer communication about how individual findings contribute to real risk.


Exploring the Industry Attack Graph


1. Open the Industry Attack Graph

To get started, open the sidebar on the left and select the Industry Attack Graph tab.

If your organization has no findings yet, you'll see a zoomed-out view showing common attacker routes (marked in gray) from Threat Sources to Business-Critical Assets (BCAs), based on industry-wide patterns.

The Industry Attack Graph uses and displays only findings from your company’s industry sector, as defined in your company profile.

To help you focus on the most important findings and routes, the Industry Attack Graph displays only the most common data.


2. Add Your Findings

Once you integrate organizational findings via manual input, file import, or integrations, the graph automatically layers your verified weaknesses (marked in purple) alongside industry-sector data (marked in gray). This synthesis reveals complete attack paths unique to your environment, using Industry Findings to bridge any gaps in the route. To focus exclusively on your verified risks, you can use Filters to hide industry-only paths and reduce visual clutter.


3. Use Filters

The Filters panel gives you control over what’s displayed on the graph.

By default, the graph shows your organization’s findings (in purple) and uses Industry Findings (in gray) when needed to complete routes. You can adjust the view to show only Org findings, or both Org and Industry Findings — depending on your needs.

Click the Filters panel to:

  • Filter by edge type: show only Industry routes, only Org routes, or Mixed routes that combine both.

  • Filter by Engagements to focus on specific assessments or data sources.

  • Search for a specific finding or position by name.

Use these filters to reduce noise, spotlight key risks, or isolate specific threats in your environment.


4. Data Deep-Dives

The Industry Attack Graph is fully interactive. Clicking any element, including nodes, findings, or edges, opens the Right Pane, which provides the technical evidence and business impact required for risk validation. This pane serves as the central hub for accessing mitigation steps, security standards, and detailed asset metadata without leaving the graph view.


Dynamic Likelihood Modeling

The risk scores and attack routes in the Industry Attack Graph are not static. They represent a live calculation that adapts as your data matures:

  • From Estimates to Reality: In the absence of organizational data, the graph uses industry-wide benchmarks. As you add your own findings, these benchmarks are replaced by verified, organization-specific probabilities.

  • Impact of Remediation: Changing a finding’s status (e.g., to Fixed or Irrelevant) triggers an immediate recalculation. This may cause the most probable routes to shift or change entirely.
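The recalculation described above can be illustrated with a small model. This is an added example, not the platform's own algorithm: it assumes a route's likelihood is the product of per-finding probabilities, and every node name, finding name and probability below is constructed for illustration.

```python
import heapq
import math

# Constructed sample graph: (from, to, finding, origin, probability).
# "org" = verified organizational finding, "industry" = sector benchmark.
EDGES = [
    ("Threat Source", "Mail Gateway", "Phishing exposure", "industry", 0.60),
    ("Threat Source", "VPN", "Weak VPN credentials", "org", 0.50),
    ("Mail Gateway", "Workstation", "Unpatched endpoint", "org", 0.70),
    ("VPN", "File Server", "Excessive share permissions", "industry", 0.40),
    ("Workstation", "BCA", "Flat network to BCA", "org", 0.80),
    ("File Server", "BCA", "Stale admin account", "org", 0.90),
]

# Statuses that take a finding out of the model (named on this page).
CLOSED = {"Fixed", "Irrelevant"}


def most_probable_route(edges, source, target, status=None):
    """Return (probability, [findings], kind) for the likeliest route, or None."""
    status = status or {}
    graph = {}
    for src, dst, finding, origin, p in edges:
        if status.get(finding) in CLOSED:
            continue  # remediated findings no longer enable a step
        graph.setdefault(src, []).append((dst, finding, origin, p))
    # Dijkstra on -log(p): the minimum summed cost is the maximum product.
    heap = [(0.0, source, [], frozenset())]
    seen = set()
    while heap:
        cost, node, path, origins = heapq.heappop(heap)
        if node == target:
            kind = "mixed" if len(origins) > 1 else next(iter(origins), "none")
            return round(math.exp(-cost), 3), path, kind
        if node in seen:
            continue
        seen.add(node)
        for dst, finding, origin, p in graph.get(node, []):
            heapq.heappush(
                heap,
                (cost - math.log(p), dst, path + [finding], origins | {origin}),
            )
    return None  # every route to the target has been broken
```

Calling `most_probable_route(EDGES, "Threat Source", "BCA")` returns the mail-gateway route; passing `status={"Unpatched endpoint": "Fixed"}` shifts the result to the VPN route, which mirrors the route change the Impact of Remediation bullet describes.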


Wrap-up

The Industry Attack Graph provides a predictive roadmap for exposure management. By identifying where common industry threats intersect with your specific environment, you can move from reactive patching to proactive risk mitigation.

  • Immediate Visibility: Utilize the Predictive Baseline to visualize potential attack routes to your Business-Critical Assets (BCAs) before a full assessment is even initiated.

  • Targeted Prioritization: Leverage Mixed Reality to see how industry-standard attack paths are uniquely enabled by your verified findings, allowing you to focus remediation where it breaks the most probable routes.

  • Adaptive Risk: Rely on Dynamic Likelihood to ensure your risk scores and most probable routes stay current as both industry intelligence and your own findings evolve.
