These attack graphs, however, are often complex and difficult to comprehend fully, and a human user may find it problematic to reach appropriate configuration decisions.
The most common threat model used in the past is of an attacker compromising hosts via server-side vulnerabi... Abstract — Defense in depth is a common strategy that uses layers of firewalls to protect Supervisory Control and Data Acquisition (SCADA) subnets and other critical resources on enterprise networks.
Full graphs grow combinatorially and cannot be used for large networks.
Ammann  developed an algorithm which scales as roughly O(n6 ) =-=-=-, but is capable of finding all exploits which can be used to reach a specified goal.  adopt the algorithm and use Nessus scans to identify some vulnerability locations and reachabi... Abstract—By accurately measuring risk for enterprise networks, attack graphs allow network defenders to understand the most critical threats and select the most effective countermeasures.
We have tested the prototype on an operational network with over 250 hosts, where it helped to discover a previously unknown configuration error.
It has processed complex simulated networks with over 50,000 hosts in under four minutes. the use of full attack graphs [8, 30], as shown in Figure 3a.