Use Case: Visualize the Attack Path Of an Offense
Offenses in JSA Risk Manager are events that are generated by the system to alert you about a network condition or event.
Attack path visualization ties offenses with topology searches. This visualization allows security operators to view the offense detail and the path the offense took through your network. The attack path provides you with a visual representation. The visual representation shows you the assets in your network that are communicating to allow an offense to travel through the network. This data is critical during auditing to prove that you monitor for offenses, but also proves the offense does not have an alternate path in your network to a critical asset.
The key features for visualization are:
Leverages the existing rule and offense system from JSA.
Displays a visual path for all devices between the source and destination of the offense.
Quick access to the device configurations and rules that allow the offense.
Viewing the Attack Path Of an Offense
You can view the attack path of an offense. The attack path shows the source, destination, and associated devices.
- Click the Offenses tab.
- On the navigation menu, click All Offenses.
The All Offenses page displays a list of offenses that are on your network. Offenses are listed with the highest magnitude first.
- Double-click an offense to open the offense summary.
- On the Offenses toolbar, click View Attack Path.