Attackability

Attackability is a concept used to describe the degree to which a target—such as a system, network, individual, or organization—is susceptible to successful attack. It reflects both the inherent vulnerabilities of the target and the feasibility of an attacker’s effort. In many domains, attackability functions as a composite metric that aggregates technical weaknesses, operational practices, and contextual factors that influence threat actors’ choices and capabilities.

In the field of cybersecurity, attackability typically combines known vulnerability scores, detection latency, configuration errors, and

Military and strategic studies also employ the term to assess the ease with which an adversary can

Game‑theoretic approaches to attackability treat both defenders and attackers as rational agents choosing strategies to maximize

Modern risk frameworks incorporate attackability into broader risk calculations. By quantifying the probability that an attack