Slot: attack_graph

An Attack Graph describes possible routes an attacker could take through an

environment. It describes relationships between resources and their findings,

such as malware detections, vulnerabilities, misconfigurations, and other

security actions.

URI: ocsf:attack_graph Alias: attack_graph

Applicable Classes

Name	Description	Modifies Slot
FindingInfo	The Finding Information object describes metadata related to a security findi...	yes

Properties

Type and Range

Property	Value
Range	Graph
Domain Of	FindingInfo

Cardinality and Requirements

Property	Value

Aliases

Attack Graph

Notes

MS Defender description of Attack Path — https://learn.microsoft.com/en-us/azure/defender-for-cloud/how-to-manage-attack-path
SentinelOne Attack Path documentation — https://www.sentinelone.com/cybersecurity-101/cybersecurity/attack-path-analysis/

Identifier and Mapping Information

Schema Source

from schema: https://w3id.org/lmodel/ocsf

Mappings

Mapping Type	Mapped Value
self	ocsf:attack_graph
native	ocsf:attack_graph

LinkML Source

name: attack_graph
description: 'An Attack Graph describes possible routes an attacker could take through
  an

  environment. It describes relationships between resources and their findings,

  such as malware detections, vulnerabilities, misconfigurations, and other

  security actions.'
notes:
- 'MS Defender description of Attack Path —

  https://learn.microsoft.com/en-us/azure/defender-for-cloud/how-to-manage-attack-path'
- 'SentinelOne Attack Path documentation —

  https://www.sentinelone.com/cybersecurity-101/cybersecurity/attack-path-analysis/'
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://learn.microsoft.com/en-us/azure/defender-for-cloud/how-to-manage-attack-path
- https://www.sentinelone.com/cybersecurity-101/cybersecurity/attack-path-analysis/
aliases:
- Attack Graph
rank: 1000
alias: attack_graph
domain_of:
- FindingInfo
range: Graph