834 B
Executable File
834 B
Executable File
| author | date | title | tags | |
|---|---|---|---|---|
| Alvie Rahman | \today | Threat Modelling and Designing for Security Notes |
|
Using STRIDE to Find Threats
STRIDE is a mnemonic for things that go wrong in security
- Spoofing is pretending to be something or someone you're not
- Tampering is modifying something you're not supposed to
- Repudiation is means claiming you didn't do something, regardless of whether you did or not
- Information Disclosure is about exposing information to people who are not authorized to see it
- Denial of Service are attacks designed to prevent a system from providing service, including by crashing it, making it unusably slow, or filling all its storage
- Elevation of Privilege is when a program or user is technically able to do things that they're not supposed to do