Brain Dump

Threat Tree

Tags
security

A tree-like diagram [see page 65, tree] used for assessment that takes a possible exploit and expands it into the potential vulnerabilities that can be associated with that exploit.

For example:

  • Compromise password. How do they get the password?
    • Access an in-use password (through user)? How?
      • Phishing
    • Access from the database? How?
      • Password is in clear-text.
      • They compromised the database? How?
        • SQL injection
        • Access database directly? How?
          • Database is on a publicly accessible port.
          • Database has a weak account password.
    • Guess password? How?
      • Password is weak so it was easy.
      • Password isn't long enough so they brute-forced it.
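
The tree above can be walked mechanically: each root-to-leaf path is one chain of "How?" answers ending in a concrete vulnerability to check for. The following is an added example (not part of the original note) that parses the outline, with the "How?" prompts dropped and two-space indentation assumed, and lists those paths; `parse_tree` and `leaf_paths` are names chosen here.

```python
# Added example: the outline is this note's tree, retyped with 2-space indents.
OUTLINE = """\
compromise password
  Access an in-use password (through user)
    Phishing
  Access from the database
    Password is in clear-text
    They compromised the database
      SQL injection
      Access database directly
        Database is on a publicly accessible port
        Database has a weak account password
  Guess password
    Password is weak so it was easy
    Password isn't long enough so they brute-forced it
"""

def parse_tree(text, indent=2):
    """Parse the outline into nested {'label', 'children'} nodes; return the root."""
    top = {"label": None, "children": []}
    stack = [top]  # stack[d + 1] is the latest node seen at depth d
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        depth, rem = divmod(len(raw) - len(raw.lstrip(" ")), indent)
        if rem or depth + 1 > len(stack):
            raise ValueError(f"line {lineno}: bad indentation")
        node = {"label": raw.strip(), "children": []}
        del stack[depth + 1:]  # drop deeper siblings' branches
        stack[-1]["children"].append(node)
        stack.append(node)
    if len(top["children"]) != 1:
        raise ValueError("outline must have exactly one root goal")
    return top["children"][0]

def leaf_paths(node, prefix=()):
    """Yield each root-to-leaf path; the leaf is a concrete vulnerability."""
    path = prefix + (node["label"],)
    if not node["children"]:
        yield path
    for child in node["children"]:
        yield from leaf_paths(child, path)

if __name__ == "__main__":
    for p in leaf_paths(parse_tree(OUTLINE)):
        print(" -> ".join(p))
```

Each printed path can be turned into one review item: confirm the leaf condition does not hold, or record the control that blocks it.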
