上QQ阅读APP看书,第一时间看更新
Threat modeling
Threat modeling is a process by which potential threats can be identified and enumerated and mitigations can be prioritized. Threat modeling depends on the amount and quality of information gathered; with this information, the activity can be broken down into stages and then performed using automated tools and logical attacks.
The following is a mind map of a threat model:
(credits: http://www.pentest-standard.org/index.php/Threat_Modelling
License: GNU Free Documentation License 1.2 )
License: GNU Free Documentation License 1.2 )
Let's now have a look at vulnerability analysis.