News About
John X. Wang
Loading...
Happy Cyber Monday! What Every Engineer Should Know About Security Risk Analysis Techniques with a Table
-
Dec 03, 2019 |Happy Cyber Monday! What Every Engineer Should Know About Security Risk Analysis Techniques with a Table
Analysis Process
Techniques
Brief descriptions
Assets identification
Assets categorizations
Identify each asset according to predefined categories
Assets valuation
Asset valuation table
Assign each asset with value for disclosure, integrity and denial of service
Threats identification
Threats categorizations
Identify each threat according to predefined categories
Threat trees
Identify threats by decomposing general categories threat into specific threats
Vulnerabilities identification
Vulnerabilities check-lists
Table listing the assets and check for vulnerabilities
Attack trees
Identify vulnerabilities and describe the security of the system
Abuse case model
Identify and model the vulnerabilities of the system
Survivable Network Analysis
Identify softspot components (essential and compromisable) and provide recommendations
Risk Assessment
Impact valuation table
Assign value of low, medium or high according to attacks and impact
Security Measures identification
Checklists
Based on what can be done for the problem, on the controls known so far
Security Measures Principles
List of principles to help with selection of appropriate security measures
See More
Subjects
Engineering - General, Engineering - Industrial & Manufacturing, Homeland Security, Information Technology