Overview
This article introduces the Org. Attack Graph in Cye Exposure Management Platform — a visual tool that helps you understand potential attack routes and plan how to stop them. It’s not about taking action just yet, but understanding how the graph works, what it shows, and how it supports your mitigation strategy.
You'll learn what the Org. Attack Graph is, how it represents cyber threats, and who can edit or manage it.
What the Org. Attack Graph Shows
The Org. Attack Graph is a visual representation of all the attack routes that could lead to your organization’s critical business assets. These routes reflect real vulnerabilities identified in your environment and how attackers might exploit them:
Each attack route is drawn from a threat source (on the left) through various assets toward the critical business targets (on the right). These routes are based on actual red team activity and analysis — some of them may not reach business assets but can still be visualized for context and assessment.
The graph helps translate raw findings into a strategy by showing how different vulnerabilities connect and where intervention could make the biggest impact.
Visualization and Use Cases
Cye Platform's Org. Attack Graph includes multiple display and filtering options that let you:
Visualize vulnerabilities and attack paths from source to asset.
Prioritize findings based on impact and business context.
Explore remediation paths and plan actions accordingly.
This enables a data-driven approach to mitigation planning, helping you focus on what matters most.
Who Can Edit the Graph
Permissions determine who can build and modify the Org. Attack Graph:
Administrators and Power Users with Findings & Graph Initiator permissions at the company level can edit the graph.
Editors with Findings & Graph Initiator permissions at the engagement level can also create and update the graph, as well as manage findings.
Important notes
Some attack routes in the graph may not directly reach business assets — these still represent valid paths that could evolve or be leveraged in broader attack strategies.
You’ll need the right permissions to create or edit a Org. Attack Graph. Check your user role before getting started.
Wrap-up / Next Steps
Understanding how the Org. Attack Graph works gives you the foundation to make smarter, faster decisions when planning remediation. Whether you're exploring attack surfaces or preparing for a detailed mitigation plan, this visual tool connects the dots between vulnerabilities and business risk.
Feel free to dive into the detailed articles below, or take your time and come back when you're ready to build.