STRIDE
Spoofing - Falsifying identity to gain systems access
Tampering - Making unauthorized changes to data or systems
Repudiation - Forging identify of actions to data or system to deny responsibility or even blame a 3rd party
Information Disclosure - Stealing (exfiltrating) information and disclosing it to unauthorized individuals
Denial of Service - Depriving legitimate users access to data or systems
Elevation of Privilege - Transforming user account to allow it to exceed legitimate user privileges (e.g. admin account or superuser)
Funny-sad enough, these six types of cyber attacks can cause any information security officer to lose their stride. ;-)
(Source Photo: Andy Blumenthal
No comments:
Post a Comment