Friday, May 13, 2005

What is the difference between attack, vulnerability and threat?

1. What is the difference between attack, vulnerability and threat?
· Asset. A resource of value such as the data in a database or on the file system, or a system resource
· Threat. A potential occurrence — malicious or otherwise — that may harm an asset
· Vulnerability. A weakness that makes a threat possible
· Attack (or exploit). An action taken to harm an asset
· Countermeasure. A safeguard that addresses a threat and mitigates risk

Vulnerability: Input validation
Threats: Buffer overflow; cross-site scripting; SQL injection; canonicalization

Vulnerability: Authentication
Threats: Network eavesdropping; brute force attacks; dictionary attacks; cookie replay; credential theft

Vulnerability: Authorization
Threats: Elevation of privilege; disclosure of confidential data; data tampering; luring attacks

Vulnerability: Configuration management
Threats: Unauthorized access to administration interfaces; unauthorized access to configuration stores; retrieval of clear text configuration data; lack of individual accountability; over-privileged process and service accounts

Vulnerability: Sensitive data
Threats: Access to sensitive data in storage; network eavesdropping; data tampering

Vulnerability: Session management
Threats: Session hijacking; session replay; man in the middle

Vulnerability: Cryptography
Threats: Poor key generation or key management; weak or custom encryption

Vulnerability: Parameter manipulation
Threats: Query string manipulation; form field manipulation; cookie manipulation; HTTP header manipulation

Vulnerability: Exception management
Threats: Information disclosure; denial of service

Vulnerability: Auditing and logging
Threats: User denies performing an operation; attacker exploits an application without trace; attacker covers his or her tracks
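As an added illustration of these terms (not part of the original post), the following Python maps one row of the table, parameter manipulation with the cookie manipulation threat, onto the definitions above: the asset is the user's role, an unsigned cookie is the vulnerability, rewriting that cookie is the attack, and an HMAC tag over the cookie is the countermeasure. The server key and the cookie layout are constructed for the example.

```python
import hashlib
import hmac
from typing import Optional

# Constructed server-side secret for the example; a real deployment would load it from a key store.
SERVER_KEY = b"constructed-example-key-not-for-production"


def make_unsigned_cookie(user: str, role: str) -> str:
    # Vulnerability: the role (the asset) travels in the cookie with nothing binding it to the server.
    return f"user={user};role={role}"


def parse_unsigned_cookie(cookie: str) -> dict:
    # The server trusts whatever the client sends back, so a manipulated cookie is accepted as-is.
    return dict(kv.split("=", 1) for kv in cookie.split(";"))


def make_signed_cookie(user: str, role: str) -> str:
    # Countermeasure: append an HMAC-SHA256 tag computed over the payload with the server key.
    payload = f"user={user};role={role}"
    tag = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload};sig={tag}"


def parse_signed_cookie(cookie: str) -> Optional[dict]:
    # Recompute the tag and reject the cookie on any mismatch; compare_digest avoids timing leaks.
    payload, sep, tag = cookie.rpartition(";sig=")
    if not sep:
        return None
    expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    return dict(kv.split("=", 1) for kv in payload.split(";"))


def simulate_manipulation(cookie: str) -> str:
    # Threat realised as an attack: the client edits the role field before sending the cookie back.
    return cookie.replace("role=user", "role=admin")
```

Against the unsigned cookie the edited role is accepted; against the signed cookie the same edit fails verification and the request can be logged and rejected.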
