Please enable JavaScript.
Coggle requires JavaScript to display documents.
Threat Modeling (DREAD (Puts numbers on risks, (DAMAGE + REPRODUCIBILITY +…
Threat Modeling
DREAD
Puts numbers on risks
(DAMAGE + REPRODUCIBILITY + EXPLOITABILITY + AFFECTED USERS + DISCOVERABILTIY) / 5
Damage
Reproducibility
Exploitability
Affected Users
DIscoverability
Typical Threats
Buffer Overrun
Cross-Site Scripting
Input Tampering
Session Hijacking
Identity Spoofing
Information Disclosure
STRIDE
Spoofing
Tampering
Repudiation
Information Disclosure
Denial of Service
Escalation of Privilege
Threat Types
Network
Host
Application