Impact Matrix
Last updated
Last updated
The (business) impact matrix (BIM) is where you identify the areas that are critical to your organization.
In the impact matrix, you can create groups of devices that represent collections of important assets that you want to monitor. For example, you may be concerned about things such as student records or accounting systems. You can place devices that host this information in a group to monitor them. Then you specify the importance of the assets in the group (critical, high, medium, or low). This is useful when you want to view critical paths other than the defaults that Epiphany provides and you instead want to focus on the devices that represent areas that are important to your organization - your "crown jewels".
Once you save the group, Epiphany performs path optimization and identifies the many different ways an attacker can access the devices in your group. You can see which devices, of the thousands of devices in your system, are part of your student record system or accounting system.
Once you add an item to a group, its membership in the group is shown in its tile in the Path Finder. For example, in the image below, the item is in the BIM Group named Finance (BIM stands for "business impact matrix"). In this example, a user created an Impact group called Finance and added the item to that group.
To access the Impact Matrix:
In the left navigation menu, expand Attack Path Tools and then select Impact Matrix. A blank canvas displays, which is where you will create a business impact matrix (BIM) group. You create this group by drawing and naming a circle and identifying its level of importance, and then adding assets to the group.
Right-click in the middle of the pane to create a group. Then select Enable Drawing Mode. Drag your mouse to draw a circle.
Enter the Group Name. For example, name the group Student Records. Then select its Importance and select Save.
You can now specify which devices are part of your student record system by dragging them from the list on the right into the circle. In the image below, three devices were dragged into the circle, thus indicating they are part of the student record system. The devices are considered important because If those devices are compromised, then the student record system may be lost. Once you save this group by selecting Save at the top of the page, Epiphany performs optimization on the devices and their data paths.
Right-click on a node and select Assign Group, Node Tags, or Node Detail:
Assign Group: Confirm the group assignment for the node.
Node Tags: Assign tags to the node. You can specify a tag's value (i.e., critical, high, medium, or low), which changes its color (red, orange, yellow, or green). You can view tags currently assigned to a node, and you can create custom tags.
Node Detail: You can view an amazing amount of information about the device, including its operating system, total number of risks, risk level, primary group, and number of users. You can also view a list of all the device's vulnerabilities. You can also see a list of all installed applications, paths the device is in, and the device's data sources.
The Attack Path icon indicates a node that's in an attack path. Its color indicates the level of risk (red is higher risk; purple is lower).
