An attack tree is a hierarchical, graphical model used in cybersecurity to systematically analyze and visualize the various ways an attacker could achieve a specific malicious objective against a system, network, or asset. The root node represents the ultimate attack goal (such as data theft or system compromise), which is then broken down into sub-goals and prerequisite actions as child nodes. These nodes are connected by logical "AND" and "OR" relationships—where "AND" means all conditions must be met, and "OR" indicates that any single path is sufficient to achieve the goal.

Attack trees serve as a fundamental tool for threat intelligence and risk management, enabling security professionals to map potential attack paths, identify critical vulnerabilities, and evaluate attack vectors. By providing a structured visualization of complex attack scenarios, organizations can assess the likelihood and potential impact of threats, prioritize defensive resources effectively, and develop targeted security controls to strengthen their overall cybersecurity posture.