What’s New

AttackTree 5.0.2

AttackTree 5.0.2 includes the following new features:

  • Indicators may now be assigned an initiator flag. Primary events that are assigned an initiator indicator will be automatically flagged as an indicator primary event.
  • A new view option has been added to allow users to view the maximum cut set probability for a gate as a preference.
  • AttackTree now caters for negative likelihood levels assigned to indicator options.
  • The maximum number of indicator types has been increased from 8 to 10.
  • The F3532-22 aircraft standard has been added to the standard templates.
  • The HEAVENS template settings have been changed so that Low Consequence weights match V2 of the standard. (10 rather than 20 for the first two consequence categories and 1 rather than 2 for the next 2 categories).
  • The mouse wheel may now be used with AttackTree diagrams to zoom (ctrl key) or shift left to right (shift key).
  • Drag and drop indicator to a primary event in an attack tree now changes the likelihood displayed if appropriate. Previously this was only done after a calculation or when using the edit dialog.
  • Standard templates now set indicator values to zero.
  • Move up and Move down options now retains the previous selection for Likelihoods, Risk levels and Indicator options.
  • Cut set and path set likelihood levels are now displayed in the result dialog (in brackets with indicator values) if the ‘Treat cut sets as independent’ option is selected. They may also be displayed in gate and path cut set reports. Likelihood levels are now displayed in the indicator tab of the primary event properties dialog.
  • Users may now drag and drop likelihoods and indicator options from the project tree onto AttackTree diagram primary events.
  • The CAPEC library has been updated to version 3.9.
  • Multiline text fields may now be exported to csv files (Excel).
  • Microsoft Edge may now be used for help display in Windows 11.

AttackTree 5.0.1

AttackTree 5.0.1 includes the following new features:

  • A requirements analysis may now be performed for an attack tree gate. A requirements analysis determines the path sets for the gate and determines which requirements have been assigned to each event path.
  • Requirements may now be assigned to gates and primary events in an attack tree. Requirements assigned to gates may also be assigned an event path.

AttackTree 5.0

AttackTree 5.0 includes the following new features:

  • Cyber security assurance levels (CAL) are now calculated for threats and assets based on the attack
    vector specified for each threat. Consequence CAL values may be specified in the Consequence
    dialog, ISO 21434 tab, for each attack vector option.
  • Two project options have been added to allow users to synchronize indicator values and consequence
    selections for threats associated with a data link to an attack tree gate in the same project.
  • Users may now select auto-assign for a consequence category in the threat analysis module. This has
    the effect of summating the weights of other categories to determine which consequence to assign (for
    the auto-assign category). This allows compliance with the HEAVENS standard method of determining
    impact levels.
  • Phrase tables may now be constructed in the threat analysis module. Phrases apply to asset/threat
    description and custom text fields.
  • Import/Export to Excel spreadsheets now refreshes column names in dialog when user selects
    ‘Column names in first row’ after selecting file name.
  • e-Help has been added in addition to chm help.
  • A new improved Enterprise interface has been implemented.
  • Project files differencing has been added (Tools menu).
  • PDF reports diagram page links have been implemented.
  • Grid layout filters now allow users to enter a SQL where clause.
  • Memo text field lengths have been extended in length from 2000 to 40000 characters.
  • Diagram draw speeds were very slow if long descriptions are used for double-byte character strings
    (Chinese, Japanese etc.). This was due to inefficiencies in the Microsoft MeasureString method. A new
    option has been added to the project options ‘Fonts’ tab allowing precise fitting (the slower method) to
    be switched off (the default) for double-byte languages.

AttackTree 4.0

AttackTree 4.0 includes the following new features:

  • AttackTree now provides the framework for threat modelling, performing threat analysis and risk assessment according to well known standards such as J3061 and ISO-26262. Users may also customize the analysis using their own consequence categories and severity weightings, likelihood categories and risk levels.
  • Indicator values can now be displayed in gate, consequence, and risk category cut set reports.
  • Indicator options have been added in addition to indicator values.
  • Plugins may now perform analyses so long as the appropriate module licence is available.
  • Plugins will now automatically reference the calling .Net assembly.

AttackTree 3.0.1

AttackTree 3.0.1 includes the following new features:

  • The report database is now based on the SQL Server LocalDB database engine instead of SQL Server Compact. This technology provides the following benefits: 1) an increase in the maximum database size from 4 GB to 10 GB, 2) Complex SQL queries are processed much faster (orders of magnitude in some cases), and 3) full SQL Server Transact-SQL syntax is supported.
  • Users may now optionally remove phonetics when importing from an Excel spreadsheet. The appropriate option needs to be set in the Application Options dialog, Import tab.
  • The time taken to repaginate text column reports has been reduced by a factor of 2 to 3 in some circumstances.
  • The time taken to page through text column reports has been significantly reduced
  • The time taken to publish PDF and Word text column reports has been significantly reduced.
  • A feature has been added allowing the user to syntax check and format SQL queries in the report designer SQL Query Wizard.

 AttackTree 3.0

AttackTree 3.0 includes the following new features:

  • A ‘Mitigation Tree’ module has been added allowing users to model the effects of mitigation factors on consequences.
  • Tool tips have been added to list controls in the Grid Layouts dialog (General tab) to identifier the field ID.
  • Database ‘integer’ import fields may now be matched to ‘double’ application fields.
  • Reports can now be displayed in full screen mode.
  • The Status tab of the license activation dialog now has an option to show all, active, expired or broken license entitlements.
  • The licence status text on the Status tab of the License Activation dialog can now be copied to the clipboard.
  • The activation and fulfillment id's on the Return tab of the License Activation dialog can now be copied to the clipboard. The feature is intended to help when re-hosting licenses. It allows users to make a record of the activation id's prior to returning their licenses and then use this information when activating on the new host.

AttackTree 2.0

64-bit Application

AttackTree 2.0 runs as a 64-bit application allowing much larger models to be analyzed than in previous 32-bit versions.

Please note that AttackTree  2.0 requires a 64-bit operating system.

Enterprise Version

The Isograph Enterprise System provides the framework for controlling multi-user project and library access through a central database system. Access rights to projects, libraries and administrative functions are controlled through user permissions. This allows an organization to:

  • Assign administrators to organize access rights to groups of users
  • Build a centralized hierarchy to organize projects and libraries
  • Restrict access to projects and libraries where necessary
  • Control the check-in and check-out of projects for modification
  • Track the current projects that are checked-out to users
  • Provide version control of projects and libraries

Enhanced Grid View

The new grid view allows access to data tables making up an AttackTree project. Users may now construct their own custom grid layouts using filter and sort facilities and take advantage of the extensive Find and Replace functionality.

Enhanced Library Facilities

Users may now attach multiple libraries when editing the current AttackTree project. Users can construct libraries of different types of data and concurrently access the data from different libraries. Data may be dragged from a library onto the appropriate node in the project tree control.

Report Designer

The Report Designer has been enhanced and extended to provide export and publishing facilities in Word and PDF format. Wizards are provided for report creation


Import and export facilities have been improved to include the latest versions of Excel and Access. SQL Server import and export is now possible.

Diagram Notes and Hyperlinks

Notes and hyperlinks may now be added directly to the AttackTree diagram. Note text and hyperlinks may be displayed by hovering the mouse cursor over the appropriate symbol in the diagram.

Spelling Checker

The new spelling checker allows users to check selected tables or the entire project for spelling errors.


If you are licensed to use the new Plugins facility you will be able to create programmable plugins that read, analyze and modify data from the current AttackTree project. Plugins may be used to create specialized reports, perform specialized operations or conversions, modify project data and call external libraries or processes. A plugin may be exported for use by other users.

Application Programming Interface (API)

A new and rich API (Application Programming Interface) has been added allowing .Net programmers to quickly build interfaces to other applications. All the standard project tables may now be accessed through the Dynamic Link Library (DLL) facility. The AttackTree  DLL enables users to seamlessly link their databases or external applications to AttackTree projects. For example, the DLL may be used to create a custom link from a database for importing parts data into a AttackTree  project.

Let's Keep In Touch!

Subscribe to our newsletter to get the latest information on Isograph software.

By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact