Where are the Attack Tree geeks here, so we can connect?

I would be interested to know who is a fan, so we can exchange ideas and experiences.

Current capabilities + how to expand

Visualizing attack trees - Techniques & Tooling - Threat Modeling Connect Forum has helpful tooling for Attack Trees (+ Drawing).

The exact post I linked has a survey about Attack (Defense) Trees and their capabilities by @michael.loadenthal - showing different approaches.

In my experience, Attack Trees are one of the most powerful methods around.

I want to dive deeper into understanding and promoting their capabilities…

I have upcoming publications, related and beyond what I posted at GIVEN WHEN THEN Threat Modeling

I could use some help:

• (Again:) Who are the fans?
• What’s your favorite thing about them?
• What are some of the calculations and post-processings you used with Attack Trees?
• Special topic: How do you handle quantities in Attack Trees?
• What’s next?

I’m a fan

They are a good resource and tool for sure,

I’d be interested how or if you could link the output of an attack tree to another TM aspect like MITRE ttp or a STRIDE threat.

My thoughts (but it’s been a long week already!)

So you have an output from the attack tree and you link those to the other TM aspect. In theory this shows how you came to that decision and you can also align that threat to an established methodology for wider business understanding

I’ll get my head together, see what I come up and share it. Always happy to help out in any other way