# 1. High, Medium, and Low Ratings

You can use a simple High, Medium, or Low scale to prioritize threats.

| Rating | Level of Risk | Mitigation Urgency |
|---|---|---|
| HIGH | Significant risk to application. | Must be addressed ASAP. |
| MED | Some risk to application. | Must be addressed, but with less urgency. |
| LOW | Minimal risk to application. | May ignore if effort and cost are too high. |

If a threat is rated as High, it poses a significant risk to your application and needs to be addressed as soon as possible. Medium threats need to be addressed, but with less urgency. You may decide to ignore Low threats depending upon how much effort and cost is required to address the threat.
# 2. Risk = Probability * Damage Potential

This formula indicates that the risk posed by a particular threat is equal to the probability of the threat occurring multiplied by the damage potential, which indicates the consequences to your system if an attack were to occur.

Probability: 1 = Very unlikely to occur; 10 = Near certainty it will occur

Damage Potential: 1 = Minimal damage; 10 = Catastrophe

NOTE: Using this approach, the risk posed by a threat with a low likelihood of occurring but with high damage potential is equal to the risk posed by a threat with limited damage potential but that is extremely likely to occur.

This approach results in a scale of 1 to 100, and you can divide the scale into three bands to generate a High, Medium, or Low risk rating.

*Excerpt from Chapter 3, Threat Modeling, of Microsoft's Improving Web Application Security: Threats and Countermeasures.
# 3. DREAD Rating

Table 3.6 DREAD Threat Rating Table

| Rating | High (3) | Medium (2) | Low (1) |
|---|---|---|---|
| D (Damage potential) | The attacker can subvert the security system; get full trust authorization; run as administrator; upload content. | Leaking sensitive information | Leaking trivial information |
| R (Reproducibility) | The attack can be reproduced every time and does not require a timing window. | The attack can be reproduced, but only with a timing window and a particular race situation. | The attack is very difficult to reproduce, even with knowledge of the security hole. |
| E (Exploitability) | A novice programmer could make the attack in a short time. | A skilled programmer could make the attack, then repeat the steps. | The attack requires an extremely skilled person and in-depth knowledge every time to exploit. |
| A (Affected users) | All users, default configuration, key customers | Some users, non-default configuration | Very small percentage of users, obscure feature; affects anonymous users |
| D (Discoverability) | Published information explains the attack. The vulnerability is found in the most commonly used feature and is very noticeable. | The vulnerability is in a seldom-used part of the product, and only a few users should come across it. It would take some thinking to see malicious use. | The bug is obscure, and it is unlikely that users will work out damage potential. |
After you ask the above questions, count the values (1 to 3) for a given threat. The result can fall in the range of 5 to 15. Then you can treat threats with overall ratings of 12 to 15 as High risk, 8 to 11 as Medium risk, and 5 to 7 as Low risk.
Table 3.7 shows an example DREAD rating for two threats:

| Threat | D | R | E | A | D | Total | Rating |
|---|---|---|---|---|---|---|---|
| Attacker obtains authentication credentials by monitoring the network. | 3 | 3 | 2 | 2 | 2 | 12 | High |
| SQL commands injected into application. | 3 | 3 | 3 | 3 | 2 | 14 | High |
*Excerpt from Chapter 3, Threat Modeling, of Microsoft's Improving Web Application Security: Threats and Countermeasures.
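The following Python is an added example, not code from the Microsoft book or from the excerpt, that puts both rating schemes on this page into runnable form: the Risk = Probability * Damage Potential score of section 2 with its three-band split, and the DREAD sum and the 12-15 / 8-11 / 5-7 thresholds of section 3. Two assumptions are mine: the excerpt gives no cut-offs for the 1-100 risk bands, so equal thirds are used, and a third low-scoring threat is constructed to show the Low band alongside the two threats of Table 3.7. The `DreadScore` and `rate_threats` names are this example's own.

```python
from dataclasses import dataclass, fields
from typing import Dict, List, Tuple

# Band cut-offs for Risk = Probability * Damage Potential (scale 1-100).
# The excerpt only says to split the scale into three bands; equal thirds
# are an assumption made for this example, not a value from the source.
RISK_BANDS: Tuple[Tuple[int, str], ...] = ((67, "High"), (34, "Medium"), (1, "Low"))

# DREAD thresholds exactly as the excerpt gives them: 12-15 High, 8-11 Medium, 5-7 Low.
DREAD_BANDS: Tuple[Tuple[int, str], ...] = ((12, "High"), (8, "Medium"), (5, "Low"))


def _band(score: int, bands: Tuple[Tuple[int, str], ...]) -> str:
    """Return the label of the first band whose floor the score reaches."""
    for floor, label in bands:
        if score >= floor:
            return label
    raise ValueError(f"score {score} is below the lowest band")


def risk_score(probability: int, damage_potential: int) -> int:
    """Risk = Probability * Damage Potential, both rated on the 1..10 scale."""
    for name, value in (("probability", probability), ("damage_potential", damage_potential)):
        if not 1 <= value <= 10:
            raise ValueError(f"{name} must be in 1..10, got {value}")
    return probability * damage_potential


def risk_rating(probability: int, damage_potential: int) -> str:
    """Map the 1..100 risk score onto the (assumed) High/Medium/Low bands."""
    return _band(risk_score(probability, damage_potential), RISK_BANDS)


@dataclass(frozen=True)
class DreadScore:
    """One threat's five DREAD answers, each High (3), Medium (2) or Low (1)."""
    damage_potential: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self) -> None:
        # Reject anything outside the 1..3 scale of Table 3.6.
        for f in fields(self):
            value = getattr(self, f.name)
            if value not in (1, 2, 3):
                raise ValueError(f"{f.name} must be 1, 2 or 3, got {value}")

    @property
    def total(self) -> int:
        """Sum of the five answers; always falls in 5..15."""
        return sum(getattr(self, f.name) for f in fields(self))

    @property
    def rating(self) -> str:
        return _band(self.total, DREAD_BANDS)


def rate_threats(threats: Dict[str, DreadScore]) -> List[Tuple[str, int, str]]:
    """Return (description, total, rating) rows, highest DREAD total first."""
    rows = [(desc, score.total, score.rating) for desc, score in threats.items()]
    return sorted(rows, key=lambda row: row[1], reverse=True)


# The two threats of Table 3.7, plus one constructed low-scoring threat
# added for this example so every band appears in the output.
SAMPLE_THREATS: Dict[str, DreadScore] = {
    "Attacker obtains authentication credentials by monitoring the network.":
        DreadScore(3, 3, 2, 2, 2),
    "SQL commands injected into application.":
        DreadScore(3, 3, 3, 3, 2),
    "Constructed example: verbose error page in a rarely used admin report.":
        DreadScore(1, 2, 1, 1, 1),
}

if __name__ == "__main__":
    # The NOTE in section 2: an unlikely-but-severe threat and a likely-but-minor
    # threat can land on the same score, so the product alone does not order them.
    print("P=2,D=9 ->", risk_score(2, 9), "| P=9,D=2 ->", risk_score(9, 2))
    for desc, total, rating in rate_threats(SAMPLE_THREATS):
        print(f"{total:>2}  {rating:<6}  {desc}")
```

The `risk_score(2, 9)` and `risk_score(9, 2)` calls both return 18, which is the section 2 NOTE in action: when two threats tie on the product, the DREAD breakdown (or a separate look at damage potential) is what tells you which to fix first.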