Chokepoints

Watch a summary on youtube >>.

In the previous module, Attack Paths, we saw that attack paths consist of a chain of attack steps leading to the High Value Asset.

Some of these attack steps are more important to the attacker than others. Or, in other words, sometimes there are several alternatives the attacker can use and sometimes not.

The Chokepoints chart in the simulation report is showing the most important assets from the attacker’s perspective.

Chokepoints.
Chokepoints.

To the left we see the Attacker, to the right we see the High Value Assets and in the middle we see the objects that are the most important ones from the attacker’s perspective.

If we can block the attacker from using these objects listed in the middle, or make them harder to use, it will make the attack harder to accomplish.

Therefore, the Chokepoint objects are a good starting point when applying and evaluating different mitigations.