- Hands-On Web Penetration Testing with Metasploit
- Harpreet Singh Himanshu Sharma
- 82字
- 2021-06-24 16:18:48
Threat modeling
Threat modeling is a process by which potential threats can be identified and enumerated and mitigations can be prioritized. Threat modeling depends on the amount and quality of information gathered; with this information, the activity can be broken down into stages and then performed using automated tools and logical attacks.
The following is a mind map of a threat model:
(credits: http://www.pentest-standard.org/index.php/Threat_Modelling
License: GNU Free Documentation License 1.2 )
License: GNU Free Documentation License 1.2 )
Let's now have a look at vulnerability analysis.