new attack path content

Author: DebLanger

exposure-management/media/review-attack-paths/attack-path-list.png

@@ -25,23 +25,40 @@ Security Exposure Management is currently in public preview.
   - If you don't have licenses defined for workloads integrated and represented in the attack path.
   - If you don't fully define critical assets.
 
-## View attack paths
+### Attack path dashboard
 
-1. To access [attack paths](https://security.microsoft.com/attack-paths), select  **Attack surface -> Attack path**.
+The dashboard provides a comprehensive overview of all identified attack paths within the environment. It enables security teams to gain valuable insights into the types of paths identified, top entry points, target assets, and more, helping to prioritize risk mitigation efforts effectively. The overview includes:
 
-    :::image type="content" source="./media/review-attack-paths/attack-paths.png" alt-text="Screenshot of the Security Exposure Management attack path window" lightbox="media/review-attack-paths/attack-paths.png":::
+- Graph of attack paths over time
+- Top choke points
+- Top attack path scenarios
+- Top targets
+- Top entry points
+
+:::image type="content" source="media/work-attack-paths-overview/attack-paths-dashboard.png" alt-text="Screenshot of attack path dashboard" lightbox="media/work-attack-paths-overview/attack-paths-dashboard.png":::
+
+### View attack paths
+
+1. You can access [attack paths](https://security.microsoft.com/attack-paths) from the attack path dashboard, or by selecting  **Attack surface -> Attack path**.
+
+   :::image type="content" source="media/review-attack-paths/attack-path-list.png" alt-text="Screenshot of attack path list" lightbox="media/review-attack-paths/attack-path-list.png":::
 
 1. To change how attack paths are displayed, you can select a heading name to sort by a specific column heading.
 
-## Group by choke points
+### Group attack paths
+
+To group attack paths by specific criteria:
 
-To group by choke point:
+Select **Group** to group by **Attack path name**, **Entry point**,**Entry point type**, **Target type**, **Risk level**, **Status**, **Target criticality**, **Target**.
 
-1. Select **Attack surface -> Attack path**.
+### View choke points and blast radius
 
-1. Select **Group** to group by **Name**, **Entry point type**, **Target type**, **Target criticality**, **Status**, or **choke point**.
+1. Go the choke points tab to view a list of choke points on the attack path dashboard. By focusing on these choke points, you can reduce risk by addressing high-impact assets, thus preventing attackers from progressing through various paths.
+1. Select a choke point to open the side panel, select **View blast radius** and explore the attack paths from a choke point. The blast radius provides a detailed visualization showing how the compromise of one asset could affect others. This enables security teams to assess the broader implications of an attack and prioritize mitigation strategies more effectively.
+ 
+:::image type="content" source="media/review-attack-paths/choke points and blast radius.png" alt-text="Screenshot of chock point and blast radius " lightbox="media/review-attack-paths/choke points and blast radius.png":::
 
-## Examine an attack path
+### Examine an attack path
 
 1. Select a specific attack path to examine it further for potential exploitable vulnerabilities.
 

exposure-management/media/review-attack-paths/choke points and blast radius.png

@@ -25,6 +25,19 @@ Security Exposure Management is currently in public preview.
 >
 > `https://aka.ms/msem/rss`
 
+## October 2024
+
+### New in attack paths
+
+We have introduced four new features designed to enhance your security management and risk mitigation efforts. These features provide valuable insights into the attack paths identified within your environment, enabling you to prioritize risk mitigation strategies effectively and reduce the impact of potential threats. 
+
+The new features include:
+
+- **Attack path widget on exposure management overview page**: Provides users with an at-a-glance, high-level view of discovered attack paths. It displays a timeline of newly identified paths, key entry points, target types, and more, ensuring security teams stay informed about emerging threats and can respond quickly.
+- **Attack path dashboard**: Provides a comprehensive overview of all identified attack paths within the environment. This feature enables security teams to gain valuable insights into the types of paths identified, top entry points, target assets, and more, helping to prioritize risk mitigation efforts effectively.
+- **Choke points**: Highlights critical assets that multiple attack paths intersect, identifying them as key vulnerabilities within the environment. By focusing on these choke points, security teams can efficiently reduce risk by addressing high-impact assets, thus preventing attackers from progressing through various paths.
+- **Blast radius**: Allows users to visually explore the paths from a choke point. It provides a detailed visualization showing how the compromise of one asset could affect others, enabling security teams to assess the broader implications of an attack and prioritize mitigation strategies more effectively.
+
 ## September 2024
 
 ### New Enterprise IoT Security Initiative

exposure-management/media/work-attack-paths-overview/attack-paths-dashboard.png

@@ -20,20 +20,29 @@ Security Exposure Management is currently in public preview.
 
 [!INCLUDE [prerelease](../includes/prerelease.md)]
 
+## Attack path dashboard
+
+The attack path dashboard provides a high-level view of the attack paths in your organization. It shows the number of attack paths, the number of choke points, and the number of critical assets. You can use this information to understand the security posture of your organization and to prioritize your security efforts. From the dashboard, you can drill down into the details of the attack paths, choke points, and critical assets.
+
+:::image type="content" source="media/work-attack-paths-overview/attack-paths-dashboard.png" alt-text="Screenshot of attack path dashboard" lightbox="media/work-attack-paths-overview/attack-paths-dashboard.png":::
+
 ## Identifying and resolving attack paths
 
-Here's how Security Exposure Management helps you to identify and resolve attack paths.
+Here's how Exposure Management helps you to identify and resolve attack paths.
 
 - **Attack path generation**: Security Exposure Management automatically generates attack paths based on the data collected across assets and workloads. It simulates attack scenarios, and identifies vulnerabilities and weaknesses that an attacker could exploit.
 - **Attack path visibility**: The attack path graph view uses [enterprise exposure graph](cross-workload-attack-surfaces.md) data to visualize the attack path to understand how potential threats might unfold.
   - Hovering over each node and connector icon provides you with additional information about how the attack path is build. For instance, from an initial virtual machine containing TLS/SSL keys all the way to permissions to storage accounts.
   - The [enterprise exposure map](enterprise-exposure-map.md) extends how you can visualize attack paths. Along with other data, it shows you multiple attack paths and choke points, nodes that create bottlenecks in the graph or map where attack paths converge. It visualizes exposure data, allowing you to see what assets are at risk, and where to prioritize your focus.
 - **Security recommendations**: Get actionable recommendations to mitigate potential attack paths.
-- **Choke point identification**: To manage choke points:
-  - Security Exposure Management provides a way to group choke point nodes through which multiple attack paths flow, or where multiple attack paths intersect on the way to a critical asset.
-  - Choke point visibility enables you to focus mitigation efforts strategically, addressing multiple attack paths by securing these critical points in the network.
-  - Ensuring that choke points are secure protects your assets from threats.
-:::image type="content" source="./media/review-attack-paths/attack-paths-graph.png" alt-text="Screenshot of the graph visualization of attack path"  lightbox="media/review-attack-paths/attack-paths-graph.png":::
+- **Choke points**: The attack path dashboard highlights critical assets where multiple attack paths intersect, identifying them as key vulnerabilities. By focusing on these choke points, security teams can efficiently reduce risk by addressing high-impact assets.
+
+  - **Identification**: View a list of choke points on the attack path dashboard.
+  - **Grouping**: Security Exposure Management groups choke point nodes where multiple attack paths flow or intersect on the way to a critical asset.
+  - **Strategic Mitigation**: Choke point visibility enables you to focus mitigation efforts strategically, addressing multiple attack paths by securing these critical points.
+  - **Protection**: Ensuring that choke points are secure protects your assets from threats.
+- **Blast radius**: Allows users to visually explore the paths from a choke point. It provides a detailed visualization showing how the compromise of one asset could affect others, enabling security teams to assess the broader implications of an attack and prioritize mitigation strategies more effectively.
+
 
 ## Next steps