In today’s interconnected digital world, assessing and managing cybersecurity risks, especially in the landscape of enterprises, becomes fundamental to equally protect human rights and business. Enterprises are by definition the best playhouse for cyber attackers, since information leakages or asset compromise could lead to catastrophic impacts over people and companies. Considering the enormous technological improvement of capabilities and assets, and their spreading all over the sectors, makes this task even more challenging. Modern IT infrastructures continue growing in complexity, while cyber threats are constantly evolving to exploit vulnerabilities and find ways to spread across the interconnected assets within a system. This constant change makes it hard, even for experts, to study the companies' attack surfaces in order to predict, counter, and mitigate cyber threats from internal and external malicious actors.