Step 5: Threat-Model the Vulnerabilities

Chapter 14 and Chapter 15 discuss how to use threat modeling to determine the security vulnerabilities of a system. Threat modeling can be done during any phase of the project, but there are definite advantages to doing it during the design phase of the system. It commonly follows a set course:

  1. Identify who the potential intruders are.

  2. Brainstorm the ways an intruder could attack the system, and generate a list of vulnerabilities.

  3. Rank the vulnerabilities by decreasing risk, where risk is equal to damage potential and chance of attack.

  4. Choose the action to take for each vulnerability. For high-risk vulnerabilities, this means fixing the problem or changing the architecture so that the vulnerability is removed. ...
