Security Attack
- Tags
- security
An attack or vulnerability on a digital system. A threat can [see page 58, target] a computer network, a host or an application.
There aren't any straightforward and guaranteed ways to prevent software attacks. We have no [see page 18, silver bullets]. Security is never 100%, the most we can do is reduce risk and we should instead consider non-functional security aspects from the start of a design.
Note: Malicious hackers don't create security holes, they simply [see page 17, exploit] them.
Security Threats Are difficult to prevent because there's many possible [see page 10, points] of attack that an adversary can exploit. This can range from the network, hardware, system, OS etc.
A successful attack can cost a company financially but more so in [see page 13, reputation] and trust.
We wouldn't have to spend so much time and effort on network security if we didn't have such bad software security. -- Bruce Schneir, ([see page 16, Applied Cryptography]).
See [see page 20, vulnerability distribution], and note how little an affect cryptography has on security attacks. The root of the problem is more at the design level.
The How
Attacks can target the:
- Software
- Humans
- The interaction between Software and Humans
You can find [see page 47, security issues] by:
- Static code analysis
- Fuzzing
- Penetration Testing
- Waiting for Bug Reports after release