The tool, dubbed NetSPA for Network Security Planning Architecture, scans the network architecture, the individual computers it connects and a list of likely vulnerabilities to generate a threat mitigation program.
"It's a matter of what the attacker can get to and in what order," says Kyle Ingols, a computer scientist working on NetSPA
"If you spend time patching vulnerabilities the attacker can't get to first, you've left your network exposed longer."
The software also suggests the quickest way to block off holes effectively and ways to configure the network to mitigate the damage from an undetected attack.”
"Instead of patching or fixing or blocking a thousand hosts, we could say there are 10 critical hosts and patch those first."
The tool uses vulnerability scanners that are commonly available but also speeds up the scanning process and adds in scans of firewalls and router settings to predict likely hacking routes.
MIT develops network analysis tool
By Iain Thomson on Aug 30, 2008 12:23PM