"Reverse" model - take the business case of the system and work down to threats.
A threat is not a vulnerability. A threat is what someone might try to do to your system; a vulnerability is how they would do it successfully.
What risk drivers are there?
Application overview: documentation drill; models; data flow.
Decompose application: break it down into well-defined "chunks".
Identify threats against the security objectives
Identify vulnerabilities ("vulnerability assessments").
A threat model helps you to define, categorize, and prioritize vulnerabilities.
Make sure to fix vulnerabilities, not exploits - understand all the nuances: attack potential, exploit paths.
STRIDE / DREAD
Other factors:
ease of use, mitigants, timing, visibility,
monitorability (can you watch people doing stuff?),
forensics,
access required (even for internal apps, what are the chances of a bad guy infiltrating?)
XSS: take user-supplied data and display it back without filtering or escaping. Nuances to XSS (Reflective Script Attack, Persistent Private Vectors).
A POST-based attack would not show up in server logs: a standard access log records the request line (method, path, query string), not the request body.
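As an added illustration of the last two points (this is example code written for these notes, not code from the original post), the block below shows the reflected-input pattern beside its escaped form, and a simplified imitation of an access log next to a forensic variant that records enough about a POST body to support an investigation without storing the body itself. The parameter name "q", the paths and the sample payload are constructed assumptions.

```python
import hashlib
import html
from urllib.parse import parse_qs

# Constructed sample input: a hypothetical search parameter "q" carrying a script tag.
SAMPLE_QUERY = "q=<script>document.title='x'</script>"


def reflected_param(query_string: str, name: str = "q") -> str:
    """Returns the first value of a form-encoded parameter, or '' if it is absent."""
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def render_vulnerable(query_string: str) -> str:
    """The pattern the notes warn about: user input echoed into HTML unfiltered."""
    return f"<p>You searched for: {reflected_param(query_string)}</p>"


def render_hardened(query_string: str) -> str:
    """Same page with the value escaped for an HTML text context.
    quote=True also escapes quotes, so the value is safe inside attributes too."""
    escaped = html.escape(reflected_param(query_string), quote=True)
    return f"<p>You searched for: {escaped}</p>"


def access_log_line(method: str, path: str, query: str = "", status: int = 200) -> str:
    """Simplified imitation of a common access-log entry (an assumption, not any
    server's real format): the request line is recorded, the request body is not,
    so a payload carried in a POST body never appears here."""
    target = f"{path}?{query}" if query else path
    return f'"{method} {target} HTTP/1.1" {status}'


def forensic_log_line(method: str, path: str, query: str = "",
                      body: str = "", status: int = 200) -> str:
    """Adds what an investigator can correlate on without storing raw bodies
    (which may hold credentials): parameter names, body size and a body digest."""
    names = ",".join(sorted(parse_qs(body, keep_blank_values=True))) or "-"
    digest = hashlib.sha256(body.encode("utf-8")).hexdigest()[:16]
    base = access_log_line(method, path, query, status)
    return f"{base} body_params={names} body_len={len(body)} body_sha256={digest}"


if __name__ == "__main__":
    print(render_vulnerable(SAMPLE_QUERY))   # script tag reflected as live markup
    print(render_hardened(SAMPLE_QUERY))     # script tag rendered as inert text
    print(access_log_line("GET", "/search", SAMPLE_QUERY))   # payload visible in log
    print(access_log_line("POST", "/search"))                # same payload in body: invisible
    print(forensic_log_line("POST", "/search", body=SAMPLE_QUERY))
```

Running the block prints the two renderings and the three log lines; the hardened rendering contains `&lt;script&gt;` rather than a tag, and only the forensic line gives any hint that the POST carried a parameter at all.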