Visual Threats and Countermeasures

0
1548

While working on patterns & practices Security guidance, I pushed the idea of “Visual Threats and Countermeasures.” 

I wanted a simple way to show customers how to quickly whiteboard their application and find issues. 

It was very effective for finding hot spots and drilling in.

Here is an example:

Scenario

image

Threats / Attacks

image

Vulnerabilities

image

Database Server Threats / Attacks and Vulnerabilities

image

Library Threats / Attacks and Vulnerabilities

image

Web Application Threats / Attacks and Vulnerabilities

image

Web Server Threats / Attacks and Vulnerabilities

image