SlideShare uma empresa Scribd logo

Pro vs Reactive Approaches

Transferir como DOCX, PDF
L
Lindsey Landolfi

This document discusses proactive and reactive approaches to software security strategy. A proactive strategy involves pre-emptive actions like vulnerability assessments, risk analysis, implementing security controls, and developing continuity plans. A reactive strategy involves responsive actions after an attack like conducting damage assessments, implementing continuity plans, determining the attack source, and repairing damages. Both proactive and reactive strategies work together using a combination of activities to develop comprehensive security policies and mitigate risks throughout the software development lifecycle.

Tecnologia
1 de 12
PRO VS. REACTIVE 1 Running Head: PRO VS. REACTIVE Proactive vs. Reactive Approaches to Software Security Strategy Lindsey Landolfi Towson University Software Security Professor Charles Pak February 2012
PRO VS. REACTIVE 2 A few fundamental characteristics of computer systems are vital to consider during software development and deployment. First, there is no such thing as an un-breakable computer system and second, no unauthorized intrusion should be considered benign. Security holes in software are common; attackers exploit these software defects in order to infiltrate a system. The nature of software provides attackers with an advantage, software security must identify and mitigate all the risks while an attacker needs only to identify and exploit a single fault in order to cause damage. Developing a software security strategy and implementing associated policies and controls is necessary to mitigate the risk of attacks. The objective of a successful security strategy is to decrease costs and increase software reliability. A direct negative correlation is exhibited between security controls and security risk, therefore investments in security standards can be justified by the associated risk reduction. This paper will discuss the two major approaches to building secure software, proactive and reactive strategies. A general methodology for defining a security strategy is outlined in the following paragraphs. See Appendix A for a flow chart representing the methodology discussed for defining security strategy. It is inevitable that every software system at some point will be successfully attacked; it is fundamental to the design of a security strategy to know which kind of threats/attacks are priorities. Hence it is necessary to first conduct a threat/attack assessment to identify and determine credible threats. Different assets and artifacts have different risks associated with them; this document will focus only on issues that may affect software. Broad vulnerability categories for computer systems range from malicious attackers, non-malicious threats, and natural disasters. Threat categories specific to software security include local implementation errors, interprocedural interface errors, and design-level mistakes. Design flaws such as inconsistent error handling, language-based flaws, method overriding problems, or poor
PRO VS. REACTIVE 3 compartmentalization account for about half of software security issues. The other fifty percent is attributed to implementation risks such as buffer overflows, simple bugs, format string bugs, resource leaks, and simple race conditions, or incorrect input validation. A single attack may be executed with a variety of different techniques, therefore in addition to determining the possible threats plausible attack methodologies should also be identified. A security strategy must be customized to address the different techniques of attacks. Example attack methods include brute-force attacks specifically on authentication functions, attacking broken access-controls (ie. taking advantage of insecure IDs, executing path traversal attacks), session based attacks (ie. cookie poisoning), and exploiting inadequate data validation (ie. SQL or HTML injection, Cross-Site Scripting flaws). Additional techniques include the exploitation of conditions such as poor exception handling, race condition hazards, insecure logging practices, weak cryptography/encryption algorithms, and buffer-overflow exploitation. Efficient security and compliance is supported by a combination of proactive and reactive activities and the correlating data. A proactive strategy may also be addressed as a pre-attack strategy due to its offensive nature. A proactive strategy is comprised pre-emptive actions designed to mitigate risk and associated damages. The major benefit of a proactive strategy is it provides the opportunity to assess vulnerability and implement mitigation tactics prior to deployment and distribution of software. A proactive approach is particularly beneficial to operations that focus primarily on handling confidential information such as banks or government contractors. A proactive strategy consists of four major components including vulnerability assessment, risk analysis, mitigation investments, and a continuity of operations plan (COOP); numerous proactive activities are aspects of or directly related to these four components.
PRO VS. REACTIVE 4 Vulnerability assessments determine potential impact of a successfully executed attack, in other words it identifies the possible negative operational effects associated with a successful attack. A model based vulnerability analysis (MBVA) best supports a comprehensive and cohesive vulnerabilities analysis; it is beneficial to incorporate a collaborative yet standardized assessment model into the budget allocation of a risk management strategy in order to promote budget implementation designed to best achieve the intended risk mitigation results. Tactics employed in a MBVA include fault tree analysis and event tree analysis which produce meaningful data for evaluative purposes. A fault tree identifies the root cause and displays the cause-effect/consequence relationship organized as a hierarchy connected by logic gates (OR/AND – propagation connections). Where as an event tree analysis begins with an identified primary threat and details the sequence of possible events leading up to the major fault. Every possible combination of events is enumerated and probability assessed. The annualized rate of occurrence (ARO) of attacks applicable to the software under-development should help to determine which primary threats should be included in an event tree. There are a few weaknesses in these MBVA tactics, they are primarily focused on known threats, yet-unknown vulnerabilities are excluded from assessment and therefore the associated risks remain unmitigated/unpatched. Additionally, the volume of the information (identified vulnerabilities) may prove to be a hindrance; if the expanse of data becomes too complex (to many possibilities) it may render the analysis more difficult to interpret and to properly integrate into the risk management strategy specifically budget allocation. Vulnerability is not the same as risk; vulnerability, the probability of threat and potential impact, is an aspect of the risk equation. Risk measures potential ramifications associated to
PRO VS. REACTIVE 5 threats. Whereas a risk analysis attempts to assess and limit the potential for monetary, reputational, or legal losses a vulnerability analysis attempts to identify rank vulnerabilities in order to develop and implement appropriate risk mitigation strategies. The risk equation is a fundamental concept in security software, it is simply expressed as Risk = Threat x Vulnerability x Cost. Vulnerability and risk assessments are a valuable tool to use in resource allocation. Being aware of vulnerabilities, their significance and potential, allows for efficient allocation of resources when investing for risk mitigation. Vulnerability assessment can enhance an allocation strategy for example, choosing between an equal distribution of funding designed to protect against all threats or in a distribution in accordance with the severity and/or frequency of the event. After vulnerability and risk analyses are conducted resource allocations should be implemented towards risk mitigation efforts. Complementary combination of security policy and controls should be individualized to address the security needs and risks associated with an organization and/or its software. Examples of proactive security mechanisms include anti-virus protection, spyware scanners, and honey-pots. The best strategy to proactive security is building security into the program design. The Building Security in Maturity Model (BSIMM) is a descriptive model featuring a collaboration of observed software security activities and data from numerous industry leaders. 109 security activities are organized into 12 practices according to the Software Security Framework (SSF); the 12 practices are organized into 4 domains. BSIMM is a functional guide to software security initiatives. Additionally, BSIMM has analysis capabilities; BSIMM can be used to help determine where an organization stands in the software security initiative in comparison to what ‘everyone’ else is doing. See Appendix B for an explanation of the SSF practices and domains.
PRO VS. REACTIVE 6 Developing a continuity of operations plan (COOP) is a necessary step in a proactive software security approach. COOP is an alternative operations plan designed to provide a flexible guidelines to assist in crisis preparation and response. The primary crisis scenario in software security is when security controls are successfully breached and an attack is executed resulting in damage to the system and/or disturbance to normal functionality. Including within the COOP should be individualized plans specific for each type of threat/attack. COOP highlights the interconnection between proactive and reactive tactics. Where the development of a COOP is a proactive activity and its implementation is considered reactive. A post-attack strategy, referred to as a reactive strategy, complements a proactive approach. Reactive strategy is comprised of responsive actions that help to identify, assess, and repair attack related damages. Addressed in the following paragraphs are four major components necessary to a support an efficient reactive approach specifically conducting damage assessments, implementing a COOP, determining a source of attack, and to repair and document any resulting damages. A reactive approach may be considered to be cost beneficial as it does not negatively affect budget unless an incident occurs. Necessary incident response resources, as outlined in a disaster recovery plan, should already be incorporated into the security budget. Conducting a damage assessment it is important to assess the extent of damage cause by a successful attack. Once damages are identified restoration operations can begin, therefore it is important to assess damages as quickly and accurately as possible. If normal system functionality is compromised then the COOP should be implemented immediately in order to maintain operations. COOP will foster timely and successful emergency resolutions for a variety of attack situations, detailed within the COOP are alternative system procedures, procedures for security
PRO VS. REACTIVE 7 patch updates, information on data recovery, and more depending on the organizations operations and requirements. COOP goal is to maintain or restore organization/product functionality. Once the damages are assessed it is necessary to determine the source of attack in order to gain a better understanding of what system vulnerabilities were exploited to perpetrate the attack. Review audit and log trails to support investigations and identify possible fraudulent activities. Security policy should include requirements for management logging activities; it should be noted that logging analysis is a reactive tactic while logging maintenance is a proactive activity. For example as part of a reactive strategy, software security may be enhanced with intrusion detection and prevention systems (IDPS) the IDPS can be passive (solely for detection purposes) or reactive featuring auto-response to suspicious activity. Much of the costs associated with a system failure are correlated with the loss of service, productivity, or data during and/or after a breach. A reactive strategy supports quicker repairs. Having a workable disaster recovery plan in place will accelerate the restoration and recovery processes. It should be noted that proper documentation is necessary during all stages of the SDLC and while executing proactive and reactive security tactics such as risk or damage assessments. In a reactive strategy documentation could support investigative activities such as the reconstruction and evaluation of an attack. Good documentation practices such as consistency, reliability, comprehensibility, and accessibility are essential to establish data integrity. A security policy establishes the recommendations an organization uses to manage and protect software and its functionality. A good security policy will address the entire program, system-specific aspects, and issue-specific levels of operations. A security policy should be
PRO VS. REACTIVE 8 regularly reviewed for its effectiveness in mitigating risks. Evaluations should consider the nature, quantity, and impact of all security related incidents as well as operational requirements, security strategy and tactics, and control measures. Security policy analysis can be conducted qualitatively or quantitatively. Post-evaluation the security policy should be adjusted accordingly; policy revisions and enhancements should be coordinated with the policy weaknesses identified during evaluation. Proactive and reactive strategies work together to develop security policies and controls designed to best mitigate risk. This can be seen in how software security assurance is presented through Touchpoints. The Touchpoints use a holistic approach, a careful balance of constructive/offensive and destructive/defensive activities, to achieve comprehensive risk-based security testing and address system-wide security issues. Adherence to guidelines such as those outlined in the software security Touchpoints are necessary to build more secure software. The paragraphs below outline the seven Touchpoints ordered according to effectiveness and importance, with specific focus of either the proactive or reactive nature of the Touchpoint. Code review is a proactive activity (also known as a white hat tactic) designed to avoid implementation issues. Though code review is constructive in nature it is informed by reactive or black hat history. Architectural risk analysis is of a similar tactical nature as code review but instead it objectives are to prevent design flaws. The combination of these two activities is vital to build security into software as all threats to software can basically be categorized as either an implementation bug or design flaw. The remaining five tactics can be arranged in the order that is best suited to an organization’s security needs. Penetration testing is an active analysis conducted during a simulated attack designed to assess for proper implementation and configuration while exploiting known vulnerabilities;
PRO VS. REACTIVE 9 testing should be conducted throughout the SDLC. Penetration testing is of a reactive nature, it is a black hat activity. Efficient testing is supported by white hat information regarding software design and associated risks. The next Touchpoint employs a holistic approach, a combination of both white and black hat activities. Risk-based security tests are a security testing strategy based on known attack patterns specifically the system’s architecture (functional security testing) and an attacker’s mindset (adversarial security testing). The destructive aspect is the creation of security related artifacts such as model attack patterns; however, white hat data such as vulnerability and risk analyses are necessary to support efficient test development. Abuse cases should be conducted throughout the SDLC. An abuse case assesses what should be protected from whom and for how long based on the systems assumed behavior during an attack. They provide insight to how an attack can abuse the system (attack models). Knowledge of security requirements is necessary for the development of an abuse case, security requirements are developed using white hat information. A black hat approach is also necessary in order to derive model attack patterns. Abuse cases are a predominantly reactive activity. Security requirements and the resulting security functionality present the concept of a proactive strategy. They are designed specifically to defend against destructive (black hat) activities. Security requirements should capture both overt functional security (engineering/cryptography) and emergent characteristics (evident in attack models/patterns). Finally, it is necessary to integrate software security operations with network security. Security operations are considered a weakly a proactive activity because it is essential to security however many of the tactics executed are reactive. Security should not be an afterthought; software security should be designed to be proactive and reactive against attacks. It is beneficial to have a method in place, such as the one
PRO VS. REACTIVE 10 discussed in this paper, in order to acknowledge and mitigate security risks throughout the SDLC. Since the cost of fixing defects increases as the software progresses forward in the SDLC the best way to build security into the software is when security is considered from the beginning of the SDLC. It is important o remember that software security is not a onetime activity but an integral part of the SDLC. There is no single overarching security policy that can be applied which would effectively protect the entire IT industry. A security strategy should be individualized to each organization and in some situations the overarching strategy should be further curtailed for individual programs/products. In order to properly tailor a security strategy an organization must first establish the level of their security needs and then determined which combination of proactive and reactive strategies is associated with the lowest rates of security failure for the organization. Knowledge of the plausible software vulnerabilities and associated risks can help to determine the ideal blend of proactive or reactive approaches. While this paper has worked to establish a clear definition between these two approaches, it should be noted that proactive and reactive strategies are not mutually exclusive interactions and overlays occurs between these two major strategies. The general goal of a software security system has both proactive and reactive elements, to have a fault tolerant design and maximum system availability in case an attack is perpetrated.
PRO VS. REACTIVE 11 Appendix A: Security Strategy Threat/attack assessment Per - attack/threat develop: Proactive Strategy Vulnerability assessment Risk analysis Mitigation investments (policies/controls) Continuity of operations plan (COOP) Reactive Strategy Damage assessment Implement COOP Determine source of attack Repair and document damages Review outcome & policy effectiveness Adjust policy accordingly Appendix B: Average maturity level from all 42 BSIMM firms Software Security Framework (SSF): INTELLIGENCE: 1. ATTACK MODELS: Threat modeling, abuse cases, data classification, technology- specific attack patterns. 2. SECURITY FEATURES AND DESIGN: Security patterns for major security controls, middleware frameworks for controls, proactive security guidance.
PRO VS. REACTIVE 12 3. STANDARDS AND REQUIREMENTS: Explicit security requirements, recommended COTS, standards for major security controls, standards for technologies in use, standards review board. SSDL TOUCHPOINTS: 1. ARCHITECTURE ANALYSIS: Capturing software architecture diagrams, applying lists of risks and threats, adopting a process for review, building an assessment and remediation plan. 2. CODE REVIEW: Use of code review tools, development of customized rules, profiles for tool use by different roles, manual analysis, ranking/measuring results. 3. SECURITY TESTING: Use of black box security tools in QA, risk driven white box testing, application of the attack model, code coverage analysis. DEPLOYMENT: 1. PENETRATION TESTING: Vulnerabilities in final configuration, feeds to defect management and mitigation. 2. SOFTWARE ENVIRONMENT: OS and platform patching, Web application firewalls, installation and configuration documentation, application monitoring, change management, code signing. 3. CONFIGURATION MNGT & VULNERABILITY MNGT: Patching and updating applications, version control, defect tracking and remediation, incident handling. GOVERNANCE: 1. STRATEGY AND METRICS: Planning, assigning roles and responsibilities, identifying software security goals, determining budgets, identifying metrics and gates. 2. COMPLIANCE AND POLICY: Identifying controls for compliance regimens, developing contractual controls (COTS SLA),setting organizational policy, auditing against policy. 3. TRAINING The software security framework (SSF). (n.d.). BSIMM3. Retrieved February 25, 2012, from Cigital website: http://bsimm.com/online/

Recomendados

Risk management in software engineering
Risk management in software engineeringRisk management in software engineering
Risk management in software engineeringdeep sharma
 
Risk Mitigation, Monitoring and Management Plan (RMMM)
Risk Mitigation, Monitoring and Management Plan (RMMM)Risk Mitigation, Monitoring and Management Plan (RMMM)
Risk Mitigation, Monitoring and Management Plan (RMMM)Navjyotsinh Jadeja
 
risk management
risk managementrisk management
risk managementArti Maggo
 
Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Adnan Naseem
 
Software Engineering Risk Management Software Application
Software Engineering Risk Management Software ApplicationSoftware Engineering Risk Management Software Application
Software Engineering Risk Management Software Applicationguestfea9c55
 
Risk management in Software Industry
Risk management in Software IndustryRisk management in Software Industry
Risk management in Software IndustryRehan Akhtar
 
Risk-management
Risk-management Risk-management
Risk-managementUmesh Gupta
 
Risk management
Risk managementRisk management
Risk managementNaveen Menon
 

Recomendados

Risk management in software engineering
Risk management in software engineeringRisk management in software engineering
Risk management in software engineeringdeep sharma
 
Risk Mitigation, Monitoring and Management Plan (RMMM)
Risk Mitigation, Monitoring and Management Plan (RMMM)Risk Mitigation, Monitoring and Management Plan (RMMM)
Risk Mitigation, Monitoring and Management Plan (RMMM)Navjyotsinh Jadeja
 
risk management
risk managementrisk management
risk managementArti Maggo
 
Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Risk Management Maturity Model (RMMM)
Risk Management Maturity Model (RMMM)Adnan Naseem
 
Software Engineering Risk Management Software Application
Software Engineering Risk Management Software ApplicationSoftware Engineering Risk Management Software Application
Software Engineering Risk Management Software Applicationguestfea9c55
 
Risk management in Software Industry
Risk management in Software IndustryRisk management in Software Industry
Risk management in Software IndustryRehan Akhtar
 
Risk-management
Risk-management Risk-management
Risk-managementUmesh Gupta
 
Risk management
Risk managementRisk management
Risk managementNaveen Menon
 
Risk analysis
Risk analysisRisk analysis
Risk analysissaurabhshertukde
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and managementgnitu
 
risk-management-121021125051-phpapp02 (1).pdf
risk-management-121021125051-phpapp02 (1).pdfrisk-management-121021125051-phpapp02 (1).pdf
risk-management-121021125051-phpapp02 (1).pdfPriyanshTan
 
Risk management
Risk managementRisk management
Risk managementUsman Mukhtar
 
Risk Management In Software Product Development
Risk Management In Software Product DevelopmentRisk Management In Software Product Development
Risk Management In Software Product DevelopmentAmandeep Midha
 
Risk Management
Risk ManagementRisk Management
Risk ManagementAshis Kumar Chanda
 
Software Engineering (Risk Management)
Software Engineering (Risk Management)Software Engineering (Risk Management)
Software Engineering (Risk Management)ShudipPal
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Shashi Kumar
 
Risk management(software engineering)
Risk management(software engineering)Risk management(software engineering)
Risk management(software engineering)Priya Tomar
 
Iwsm2014 defining technical risk in software development (vard antinyan)
Iwsm2014 defining technical risk in software development (vard antinyan)Iwsm2014 defining technical risk in software development (vard antinyan)
Iwsm2014 defining technical risk in software development (vard antinyan)Nesma
 
Risk management
Risk managementRisk management
Risk managementMeghana Shirguppi
 
Software Risk Management
Software Risk ManagementSoftware Risk Management
Software Risk ManagementGunjan Patel
 
Project risk management
Project risk managementProject risk management
Project risk managementYogender Singh Rana
 
Technical Risk Management
Technical Risk ManagementTechnical Risk Management
Technical Risk ManagementGlen Alleman
 
RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.Aparna Nayak
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-managementzeeshanwrch
 
Bertrand's Individual Essay
Bertrand's Individual EssayBertrand's Individual Essay
Bertrand's Individual EssayPrince Bertrand
 
Risk Management by Roger Pressman
Risk Management by Roger PressmanRisk Management by Roger Pressman
Risk Management by Roger PressmanRogerio P C do Nascimento
 
Risk assesment template
Risk assesment templateRisk assesment template
Risk assesment templateGlen Alleman
 
Risk assesment
Risk assesmentRisk assesment
Risk assesmentArvind Kumar
 
The Joy of Proactive Security
The Joy of Proactive SecurityThe Joy of Proactive Security
The Joy of Proactive SecurityAndy Hoernecke
 
Test process
Test processTest process
Test processMohan Krishna Kona
 

Mais conteúdo relacionado

Mais procurados

Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and managementgnitu
 
risk-management-121021125051-phpapp02 (1).pdf
risk-management-121021125051-phpapp02 (1).pdfrisk-management-121021125051-phpapp02 (1).pdf
risk-management-121021125051-phpapp02 (1).pdfPriyanshTan
 
Risk Management In Software Product Development
Risk Management In Software Product DevelopmentRisk Management In Software Product Development
Risk Management In Software Product DevelopmentAmandeep Midha
 
Software Engineering (Risk Management)
Software Engineering (Risk Management)Software Engineering (Risk Management)
Software Engineering (Risk Management)ShudipPal
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Shashi Kumar
 
Risk management(software engineering)
Risk management(software engineering)Risk management(software engineering)
Risk management(software engineering)Priya Tomar
 
Iwsm2014 defining technical risk in software development (vard antinyan)
Iwsm2014 defining technical risk in software development (vard antinyan)Iwsm2014 defining technical risk in software development (vard antinyan)
Iwsm2014 defining technical risk in software development (vard antinyan)Nesma
 
Software Risk Management
Software Risk ManagementSoftware Risk Management
Software Risk ManagementGunjan Patel
 
Technical Risk Management
Technical Risk ManagementTechnical Risk Management
Technical Risk ManagementGlen Alleman
 
RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.Aparna Nayak
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-managementzeeshanwrch
 
Bertrand's Individual Essay
Bertrand's Individual EssayBertrand's Individual Essay
Bertrand's Individual EssayPrince Bertrand
 
Risk assesment template
Risk assesment templateRisk assesment template
Risk assesment templateGlen Alleman
 

Mais procurados (20)

Risk analysis
Risk analysisRisk analysis
Risk analysis
 
Risk analysis and management
Risk analysis and managementRisk analysis and management
Risk analysis and management
 
risk-management-121021125051-phpapp02 (1).pdf
risk-management-121021125051-phpapp02 (1).pdfrisk-management-121021125051-phpapp02 (1).pdf
risk-management-121021125051-phpapp02 (1).pdf
 
Risk management
Risk managementRisk management
Risk management
 
Risk Management In Software Product Development
Risk Management In Software Product DevelopmentRisk Management In Software Product Development
Risk Management In Software Product Development
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
Software Engineering (Risk Management)
Software Engineering (Risk Management)Software Engineering (Risk Management)
Software Engineering (Risk Management)
 
Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) - Unit 8-risk manaegement (1) -
Unit 8-risk manaegement (1) -
 
Risk management(software engineering)
Risk management(software engineering)Risk management(software engineering)
Risk management(software engineering)
 
Iwsm2014 defining technical risk in software development (vard antinyan)
Iwsm2014 defining technical risk in software development (vard antinyan)Iwsm2014 defining technical risk in software development (vard antinyan)
Iwsm2014 defining technical risk in software development (vard antinyan)
 
Risk management
Risk managementRisk management
Risk management
 
Software Risk Management
Software Risk ManagementSoftware Risk Management
Software Risk Management
 
Project risk management
Project risk managementProject risk management
Project risk management
 
Technical Risk Management
Technical Risk ManagementTechnical Risk Management
Technical Risk Management
 
RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.RMMM-Risk Management,Mitigation and Monitoring.
RMMM-Risk Management,Mitigation and Monitoring.
 
Pressman ch-25-risk-management
Pressman ch-25-risk-managementPressman ch-25-risk-management
Pressman ch-25-risk-management
 
Bertrand's Individual Essay
Bertrand's Individual EssayBertrand's Individual Essay
Bertrand's Individual Essay
 
Risk Management by Roger Pressman
Risk Management by Roger PressmanRisk Management by Roger Pressman
Risk Management by Roger Pressman
 
Risk assesment template
Risk assesment templateRisk assesment template
Risk assesment template
 
Risk assesment
Risk assesmentRisk assesment
Risk assesment
 

Destaque

The Joy of Proactive Security
The Joy of Proactive SecurityThe Joy of Proactive Security
The Joy of Proactive SecurityAndy Hoernecke
 
Software test management
Software test managementSoftware test management
Software test managementVishad Garg
 
ISTQB Advance Material
ISTQB Advance MaterialISTQB Advance Material
ISTQB Advance MaterialMandar Kharkar
 
Implementation of strategy
Implementation of strategyImplementation of strategy
Implementation of strategyDr. Firdaus Khan
 
Cardiovascular risk factors in children
Cardiovascular risk factors in childrenCardiovascular risk factors in children
Cardiovascular risk factors in childrenDr Pankaj Yadav
 
GT Presentation
GT PresentationGT Presentation
GT Presentationjoellewong
 
Coustic Glo Presentation
Coustic Glo PresentationCoustic Glo Presentation
Coustic Glo PresentationCousticGloVic
 
Come committment, loyalty e fattori di mercato incidono sulla crescita del br...
Come committment, loyalty e fattori di mercato incidono sulla crescita del br...Come committment, loyalty e fattori di mercato incidono sulla crescita del br...
Come committment, loyalty e fattori di mercato incidono sulla crescita del br...Osservatorio Fedeltà Università di Parma
 

Destaque (17)

The Joy of Proactive Security
The Joy of Proactive SecurityThe Joy of Proactive Security
The Joy of Proactive Security
 
Test process
Test processTest process
Test process
 
Software test management
Software test managementSoftware test management
Software test management
 
ISTQB Advance Material
ISTQB Advance MaterialISTQB Advance Material
ISTQB Advance Material
 
Istqb ctal tm
Istqb ctal tmIstqb ctal tm
Istqb ctal tm
 
Implementation of strategy
Implementation of strategyImplementation of strategy
Implementation of strategy
 
Strategic Planning & Management
Strategic Planning & ManagementStrategic Planning & Management
Strategic Planning & Management
 
ISTQB Advanced Test Manager Training 2012 - Testing Process
ISTQB Advanced Test Manager Training 2012 - Testing Process ISTQB Advanced Test Manager Training 2012 - Testing Process
ISTQB Advanced Test Manager Training 2012 - Testing Process
 
ISTQB Technical Test Analyst 2012 Training - Structure-Based Testing
ISTQB Technical Test Analyst 2012 Training - Structure-Based TestingISTQB Technical Test Analyst 2012 Training - Structure-Based Testing
ISTQB Technical Test Analyst 2012 Training - Structure-Based Testing
 
Maintenance strategies
Maintenance strategiesMaintenance strategies
Maintenance strategies
 
Cardiovascular risk factors in children
Cardiovascular risk factors in childrenCardiovascular risk factors in children
Cardiovascular risk factors in children
 
Il futuro della Loyalty è mobile? - Klikkapromo-Pazzi per le offerte
Il futuro della Loyalty è mobile? - Klikkapromo-Pazzi per le offerteIl futuro della Loyalty è mobile? - Klikkapromo-Pazzi per le offerte
Il futuro della Loyalty è mobile? - Klikkapromo-Pazzi per le offerte
 
GT Presentation
GT PresentationGT Presentation
GT Presentation
 
Coustic Glo Presentation
Coustic Glo PresentationCoustic Glo Presentation
Coustic Glo Presentation
 
Come committment, loyalty e fattori di mercato incidono sulla crescita del br...
Come committment, loyalty e fattori di mercato incidono sulla crescita del br...Come committment, loyalty e fattori di mercato incidono sulla crescita del br...
Come committment, loyalty e fattori di mercato incidono sulla crescita del br...
 
Income generating services
Income generating servicesIncome generating services
Income generating services
 
Understanding culture
Understanding cultureUnderstanding culture
Understanding culture
 

Semelhante a Pro vs Reactive Approaches

US Government Software Assurance and Security Initiativesi
US Government Software Assurance and Security InitiativesiUS Government Software Assurance and Security Initiativesi
US Government Software Assurance and Security InitiativesiLindsey Landolfi
 
Security-First Development_ Safeguarding Your Software from Threats.pdf
Security-First Development_ Safeguarding Your Software from Threats.pdfSecurity-First Development_ Safeguarding Your Software from Threats.pdf
Security-First Development_ Safeguarding Your Software from Threats.pdfTyrion Lannister
 
Information Technology Risk Management
Information Technology Risk ManagementInformation Technology Risk Management
Information Technology Risk ManagementGlen Alleman
 
Vulnerability Management.pdf
Vulnerability Management.pdfVulnerability Management.pdf
Vulnerability Management.pdfIntuitiveCloud
 
Critical analysis of an integrative contingency model of software project ris...
Critical analysis of an integrative contingency model of software project ris...Critical analysis of an integrative contingency model of software project ris...
Critical analysis of an integrative contingency model of software project ris...AYESHA JAVED
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesAbhishek BV
 
Which Security Testing Technique is Best for Testing Applications.pdf
Which Security Testing Technique is Best for Testing Applications.pdfWhich Security Testing Technique is Best for Testing Applications.pdf
Which Security Testing Technique is Best for Testing Applications.pdfAlpha BOLD
 
Risk management planExecutive SummaryThe past.docx
Risk management planExecutive SummaryThe past.docxRisk management planExecutive SummaryThe past.docx
Risk management planExecutive SummaryThe past.docxSUBHI7
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementAnton Chuvakin
 
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTijesajournal
 
Attack graph based risk assessment and optimisation approach
Attack graph based risk assessment and optimisation approachAttack graph based risk assessment and optimisation approach
Attack graph based risk assessment and optimisation approachIJNSA Journal
 
IT Risk managment combined
IT Risk managment combinedIT Risk managment combined
IT Risk managment combinedGlen Alleman
 
Assignment 1.docx
Assignment 1.docxAssignment 1.docx
Assignment 1.docxUmair Abbas
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guideSergey Erohin
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guideSergey Erohin
 
Vulnerability scanners a proactive approach to assess web application security
Vulnerability scanners a proactive approach to assess web application securityVulnerability scanners a proactive approach to assess web application security
Vulnerability scanners a proactive approach to assess web application securityijcsa
 
DEPARTMENT CYBERSECURITY What’s Your IT Risk Approa
DEPARTMENT CYBERSECURITY What’s Your IT Risk ApproaDEPARTMENT CYBERSECURITY What’s Your IT Risk Approa
DEPARTMENT CYBERSECURITY What’s Your IT Risk ApproaLinaCovington707
 
6 Strategies to Prevent a Ransomware Attack.ppt
6 Strategies to Prevent a Ransomware Attack.ppt6 Strategies to Prevent a Ransomware Attack.ppt
6 Strategies to Prevent a Ransomware Attack.pptcybernewslive
 
A Risk Analysis and Management in Software Engineering
A Risk Analysis and Management in Software Engineering A Risk Analysis and Management in Software Engineering
A Risk Analysis and Management in Software Engineering MuhammadTalha436
 
4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx
4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx
4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docxgilbertkpeters11344
 

Semelhante a Pro vs Reactive Approaches (20)

US Government Software Assurance and Security Initiativesi
US Government Software Assurance and Security InitiativesiUS Government Software Assurance and Security Initiativesi
US Government Software Assurance and Security Initiativesi
 
Security-First Development_ Safeguarding Your Software from Threats.pdf
Security-First Development_ Safeguarding Your Software from Threats.pdfSecurity-First Development_ Safeguarding Your Software from Threats.pdf
Security-First Development_ Safeguarding Your Software from Threats.pdf
 
Information Technology Risk Management
Information Technology Risk ManagementInformation Technology Risk Management
Information Technology Risk Management
 
Vulnerability Management.pdf
Vulnerability Management.pdfVulnerability Management.pdf
Vulnerability Management.pdf
 
Critical analysis of an integrative contingency model of software project ris...
Critical analysis of an integrative contingency model of software project ris...Critical analysis of an integrative contingency model of software project ris...
Critical analysis of an integrative contingency model of software project ris...
 
How can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data lossesHow can we predict vulnerabilities to prevent them from causing data losses
How can we predict vulnerabilities to prevent them from causing data losses
 
Which Security Testing Technique is Best for Testing Applications.pdf
Which Security Testing Technique is Best for Testing Applications.pdfWhich Security Testing Technique is Best for Testing Applications.pdf
Which Security Testing Technique is Best for Testing Applications.pdf
 
Risk management planExecutive SummaryThe past.docx
Risk management planExecutive SummaryThe past.docxRisk management planExecutive SummaryThe past.docx
Risk management planExecutive SummaryThe past.docx
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability Management
 
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENTESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
ESSENTIAL ACTIVITIES FOR SECURE SOFTWARE DEVELOPMENT
 
Attack graph based risk assessment and optimisation approach
Attack graph based risk assessment and optimisation approachAttack graph based risk assessment and optimisation approach
Attack graph based risk assessment and optimisation approach
 
IT Risk managment combined
IT Risk managment combinedIT Risk managment combined
IT Risk managment combined
 
Assignment 1.docx
Assignment 1.docxAssignment 1.docx
Assignment 1.docx
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guide
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guide
 
Vulnerability scanners a proactive approach to assess web application security
Vulnerability scanners a proactive approach to assess web application securityVulnerability scanners a proactive approach to assess web application security
Vulnerability scanners a proactive approach to assess web application security
 
DEPARTMENT CYBERSECURITY What’s Your IT Risk Approa
DEPARTMENT CYBERSECURITY What’s Your IT Risk ApproaDEPARTMENT CYBERSECURITY What’s Your IT Risk Approa
DEPARTMENT CYBERSECURITY What’s Your IT Risk Approa
 
6 Strategies to Prevent a Ransomware Attack.ppt
6 Strategies to Prevent a Ransomware Attack.ppt6 Strategies to Prevent a Ransomware Attack.ppt
6 Strategies to Prevent a Ransomware Attack.ppt
 
A Risk Analysis and Management in Software Engineering
A Risk Analysis and Management in Software Engineering A Risk Analysis and Management in Software Engineering
A Risk Analysis and Management in Software Engineering
 
4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx
4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx
4Brian DennisonJohn DensonIT454 -1504B-01Mon, 121415.docx
 

Mais de Lindsey Landolfi

Department of Defense, U.S. Northern Command, National Guard, and Defense Su...
Department of Defense, U.S. Northern Command, National Guard, and Defense Su...Department of Defense, U.S. Northern Command, National Guard, and Defense Su...
Department of Defense, U.S. Northern Command, National Guard, and Defense Su...Lindsey Landolfi
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...Lindsey Landolfi
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataInsider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataLindsey Landolfi
 
The Integration of Geospatial Technologies: GIS and GPS
The Integration of Geospatial Technologies: GIS and GPS The Integration of Geospatial Technologies: GIS and GPS
The Integration of Geospatial Technologies: GIS and GPS Lindsey Landolfi
 
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...Lindsey Landolfi
 
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...Lindsey Landolfi
 
Towson University: COOP: Conduct of Classes During Campus Closings
Towson University: COOP: Conduct of Classes During Campus ClosingsTowson University: COOP: Conduct of Classes During Campus Closings
Towson University: COOP: Conduct of Classes During Campus ClosingsLindsey Landolfi
 
Generic College: Crisis Communication Plan
Generic College: Crisis Communication PlanGeneric College: Crisis Communication Plan
Generic College: Crisis Communication PlanLindsey Landolfi
 

Mais de Lindsey Landolfi (9)

Department of Defense, U.S. Northern Command, National Guard, and Defense Su...
Department of Defense, U.S. Northern Command, National Guard, and Defense Su...Department of Defense, U.S. Northern Command, National Guard, and Defense Su...
Department of Defense, U.S. Northern Command, National Guard, and Defense Su...
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary DataInsider Attacks: Theft of Intellectual and Proprietary Data
Insider Attacks: Theft of Intellectual and Proprietary Data
 
E-commerce Security
E-commerce SecurityE-commerce Security
E-commerce Security
 
The Integration of Geospatial Technologies: GIS and GPS
The Integration of Geospatial Technologies: GIS and GPS The Integration of Geospatial Technologies: GIS and GPS
The Integration of Geospatial Technologies: GIS and GPS
 
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
 
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
Nuclear Reactors, Materials, and Waste CIKR Sector: Case Study of the Nuclea...
 
Towson University: COOP: Conduct of Classes During Campus Closings
Towson University: COOP: Conduct of Classes During Campus ClosingsTowson University: COOP: Conduct of Classes During Campus Closings
Towson University: COOP: Conduct of Classes During Campus Closings
 
Generic College: Crisis Communication Plan
Generic College: Crisis Communication PlanGeneric College: Crisis Communication Plan
Generic College: Crisis Communication Plan
 

Último

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 

Último (20)

CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 

Pro vs Reactive Approaches

  • 1. PRO VS. REACTIVE 1 Running Head: PRO VS. REACTIVE Proactive vs. Reactive Approaches to Software Security Strategy Lindsey Landolfi Towson University Software Security Professor Charles Pak February 2012
  • 2. PRO VS. REACTIVE 2 A few fundamental characteristics of computer systems are vital to consider during software development and deployment. First, there is no such thing as an un-breakable computer system and second, no unauthorized intrusion should be considered benign. Security holes in software are common; attackers exploit these software defects in order to infiltrate a system. The nature of software provides attackers with an advantage, software security must identify and mitigate all the risks while an attacker needs only to identify and exploit a single fault in order to cause damage. Developing a software security strategy and implementing associated policies and controls is necessary to mitigate the risk of attacks. The objective of a successful security strategy is to decrease costs and increase software reliability. A direct negative correlation is exhibited between security controls and security risk, therefore investments in security standards can be justified by the associated risk reduction. This paper will discuss the two major approaches to building secure software, proactive and reactive strategies. A general methodology for defining a security strategy is outlined in the following paragraphs. See Appendix A for a flow chart representing the methodology discussed for defining security strategy. It is inevitable that every software system at some point will be successfully attacked; it is fundamental to the design of a security strategy to know which kind of threats/attacks are priorities. Hence it is necessary to first conduct a threat/attack assessment to identify and determine credible threats. Different assets and artifacts have different risks associated with them; this document will focus only on issues that may affect software. Broad vulnerability categories for computer systems range from malicious attackers, non-malicious threats, and natural disasters. Threat categories specific to software security include local implementation errors, interprocedural interface errors, and design-level mistakes. Design flaws such as inconsistent error handling, language-based flaws, method overriding problems, or poor
  • 3. PRO VS. REACTIVE 3 compartmentalization account for about half of software security issues. The other fifty percent is attributed to implementation risks such as buffer overflows, simple bugs, format string bugs, resource leaks, and simple race conditions, or incorrect input validation. A single attack may be executed with a variety of different techniques, therefore in addition to determining the possible threats plausible attack methodologies should also be identified. A security strategy must be customized to address the different techniques of attacks. Example attack methods include brute-force attacks specifically on authentication functions, attacking broken access-controls (ie. taking advantage of insecure IDs, executing path traversal attacks), session based attacks (ie. cookie poisoning), and exploiting inadequate data validation (ie. SQL or HTML injection, Cross-Site Scripting flaws). Additional techniques include the exploitation of conditions such as poor exception handling, race condition hazards, insecure logging practices, weak cryptography/encryption algorithms, and buffer-overflow exploitation. Efficient security and compliance is supported by a combination of proactive and reactive activities and the correlating data. A proactive strategy may also be addressed as a pre-attack strategy due to its offensive nature. A proactive strategy is comprised pre-emptive actions designed to mitigate risk and associated damages. The major benefit of a proactive strategy is it provides the opportunity to assess vulnerability and implement mitigation tactics prior to deployment and distribution of software. A proactive approach is particularly beneficial to operations that focus primarily on handling confidential information such as banks or government contractors. A proactive strategy consists of four major components including vulnerability assessment, risk analysis, mitigation investments, and a continuity of operations plan (COOP); numerous proactive activities are aspects of or directly related to these four components.
  • 4. PRO VS. REACTIVE 4 Vulnerability assessments determine potential impact of a successfully executed attack, in other words it identifies the possible negative operational effects associated with a successful attack. A model based vulnerability analysis (MBVA) best supports a comprehensive and cohesive vulnerabilities analysis; it is beneficial to incorporate a collaborative yet standardized assessment model into the budget allocation of a risk management strategy in order to promote budget implementation designed to best achieve the intended risk mitigation results. Tactics employed in a MBVA include fault tree analysis and event tree analysis which produce meaningful data for evaluative purposes. A fault tree identifies the root cause and displays the cause-effect/consequence relationship organized as a hierarchy connected by logic gates (OR/AND – propagation connections). Where as an event tree analysis begins with an identified primary threat and details the sequence of possible events leading up to the major fault. Every possible combination of events is enumerated and probability assessed. The annualized rate of occurrence (ARO) of attacks applicable to the software under-development should help to determine which primary threats should be included in an event tree. There are a few weaknesses in these MBVA tactics, they are primarily focused on known threats, yet-unknown vulnerabilities are excluded from assessment and therefore the associated risks remain unmitigated/unpatched. Additionally, the volume of the information (identified vulnerabilities) may prove to be a hindrance; if the expanse of data becomes too complex (to many possibilities) it may render the analysis more difficult to interpret and to properly integrate into the risk management strategy specifically budget allocation. Vulnerability is not the same as risk; vulnerability, the probability of threat and potential impact, is an aspect of the risk equation. Risk measures potential ramifications associated to
  • 5. PRO VS. REACTIVE 5 threats. Whereas a risk analysis attempts to assess and limit the potential for monetary, reputational, or legal losses a vulnerability analysis attempts to identify rank vulnerabilities in order to develop and implement appropriate risk mitigation strategies. The risk equation is a fundamental concept in security software, it is simply expressed as Risk = Threat x Vulnerability x Cost. Vulnerability and risk assessments are a valuable tool to use in resource allocation. Being aware of vulnerabilities, their significance and potential, allows for efficient allocation of resources when investing for risk mitigation. Vulnerability assessment can enhance an allocation strategy for example, choosing between an equal distribution of funding designed to protect against all threats or in a distribution in accordance with the severity and/or frequency of the event. After vulnerability and risk analyses are conducted resource allocations should be implemented towards risk mitigation efforts. Complementary combination of security policy and controls should be individualized to address the security needs and risks associated with an organization and/or its software. Examples of proactive security mechanisms include anti-virus protection, spyware scanners, and honey-pots. The best strategy to proactive security is building security into the program design. The Building Security in Maturity Model (BSIMM) is a descriptive model featuring a collaboration of observed software security activities and data from numerous industry leaders. 109 security activities are organized into 12 practices according to the Software Security Framework (SSF); the 12 practices are organized into 4 domains. BSIMM is a functional guide to software security initiatives. Additionally, BSIMM has analysis capabilities; BSIMM can be used to help determine where an organization stands in the software security initiative in comparison to what ‘everyone’ else is doing. See Appendix B for an explanation of the SSF practices and domains.
  • 6. PRO VS. REACTIVE 6 Developing a continuity of operations plan (COOP) is a necessary step in a proactive software security approach. COOP is an alternative operations plan designed to provide a flexible guidelines to assist in crisis preparation and response. The primary crisis scenario in software security is when security controls are successfully breached and an attack is executed resulting in damage to the system and/or disturbance to normal functionality. Including within the COOP should be individualized plans specific for each type of threat/attack. COOP highlights the interconnection between proactive and reactive tactics. Where the development of a COOP is a proactive activity and its implementation is considered reactive. A post-attack strategy, referred to as a reactive strategy, complements a proactive approach. Reactive strategy is comprised of responsive actions that help to identify, assess, and repair attack related damages. Addressed in the following paragraphs are four major components necessary to a support an efficient reactive approach specifically conducting damage assessments, implementing a COOP, determining a source of attack, and to repair and document any resulting damages. A reactive approach may be considered to be cost beneficial as it does not negatively affect budget unless an incident occurs. Necessary incident response resources, as outlined in a disaster recovery plan, should already be incorporated into the security budget. Conducting a damage assessment it is important to assess the extent of damage cause by a successful attack. Once damages are identified restoration operations can begin, therefore it is important to assess damages as quickly and accurately as possible. If normal system functionality is compromised then the COOP should be implemented immediately in order to maintain operations. COOP will foster timely and successful emergency resolutions for a variety of attack situations, detailed within the COOP are alternative system procedures, procedures for security
  • 7. PRO VS. REACTIVE 7 patch updates, information on data recovery, and more depending on the organizations operations and requirements. COOP goal is to maintain or restore organization/product functionality. Once the damages are assessed it is necessary to determine the source of attack in order to gain a better understanding of what system vulnerabilities were exploited to perpetrate the attack. Review audit and log trails to support investigations and identify possible fraudulent activities. Security policy should include requirements for management logging activities; it should be noted that logging analysis is a reactive tactic while logging maintenance is a proactive activity. For example as part of a reactive strategy, software security may be enhanced with intrusion detection and prevention systems (IDPS) the IDPS can be passive (solely for detection purposes) or reactive featuring auto-response to suspicious activity. Much of the costs associated with a system failure are correlated with the loss of service, productivity, or data during and/or after a breach. A reactive strategy supports quicker repairs. Having a workable disaster recovery plan in place will accelerate the restoration and recovery processes. It should be noted that proper documentation is necessary during all stages of the SDLC and while executing proactive and reactive security tactics such as risk or damage assessments. In a reactive strategy documentation could support investigative activities such as the reconstruction and evaluation of an attack. Good documentation practices such as consistency, reliability, comprehensibility, and accessibility are essential to establish data integrity. A security policy establishes the recommendations an organization uses to manage and protect software and its functionality. A good security policy will address the entire program, system-specific aspects, and issue-specific levels of operations. A security policy should be
  • 8. PRO VS. REACTIVE 8 regularly reviewed for its effectiveness in mitigating risks. Evaluations should consider the nature, quantity, and impact of all security related incidents as well as operational requirements, security strategy and tactics, and control measures. Security policy analysis can be conducted qualitatively or quantitatively. Post-evaluation the security policy should be adjusted accordingly; policy revisions and enhancements should be coordinated with the policy weaknesses identified during evaluation. Proactive and reactive strategies work together to develop security policies and controls designed to best mitigate risk. This can be seen in how software security assurance is presented through Touchpoints. The Touchpoints use a holistic approach, a careful balance of constructive/offensive and destructive/defensive activities, to achieve comprehensive risk-based security testing and address system-wide security issues. Adherence to guidelines such as those outlined in the software security Touchpoints are necessary to build more secure software. The paragraphs below outline the seven Touchpoints ordered according to effectiveness and importance, with specific focus of either the proactive or reactive nature of the Touchpoint. Code review is a proactive activity (also known as a white hat tactic) designed to avoid implementation issues. Though code review is constructive in nature it is informed by reactive or black hat history. Architectural risk analysis is of a similar tactical nature as code review but instead it objectives are to prevent design flaws. The combination of these two activities is vital to build security into software as all threats to software can basically be categorized as either an implementation bug or design flaw. The remaining five tactics can be arranged in the order that is best suited to an organization’s security needs. Penetration testing is an active analysis conducted during a simulated attack designed to assess for proper implementation and configuration while exploiting known vulnerabilities;
  • 9. PRO VS. REACTIVE 9 testing should be conducted throughout the SDLC. Penetration testing is of a reactive nature, it is a black hat activity. Efficient testing is supported by white hat information regarding software design and associated risks. The next Touchpoint employs a holistic approach, a combination of both white and black hat activities. Risk-based security tests are a security testing strategy based on known attack patterns specifically the system’s architecture (functional security testing) and an attacker’s mindset (adversarial security testing). The destructive aspect is the creation of security related artifacts such as model attack patterns; however, white hat data such as vulnerability and risk analyses are necessary to support efficient test development. Abuse cases should be conducted throughout the SDLC. An abuse case assesses what should be protected from whom and for how long based on the systems assumed behavior during an attack. They provide insight to how an attack can abuse the system (attack models). Knowledge of security requirements is necessary for the development of an abuse case, security requirements are developed using white hat information. A black hat approach is also necessary in order to derive model attack patterns. Abuse cases are a predominantly reactive activity. Security requirements and the resulting security functionality present the concept of a proactive strategy. They are designed specifically to defend against destructive (black hat) activities. Security requirements should capture both overt functional security (engineering/cryptography) and emergent characteristics (evident in attack models/patterns). Finally, it is necessary to integrate software security operations with network security. Security operations are considered a weakly a proactive activity because it is essential to security however many of the tactics executed are reactive. Security should not be an afterthought; software security should be designed to be proactive and reactive against attacks. It is beneficial to have a method in place, such as the one
  • 10. PRO VS. REACTIVE 10 discussed in this paper, in order to acknowledge and mitigate security risks throughout the SDLC. Since the cost of fixing defects increases as the software progresses forward in the SDLC the best way to build security into the software is when security is considered from the beginning of the SDLC. It is important o remember that software security is not a onetime activity but an integral part of the SDLC. There is no single overarching security policy that can be applied which would effectively protect the entire IT industry. A security strategy should be individualized to each organization and in some situations the overarching strategy should be further curtailed for individual programs/products. In order to properly tailor a security strategy an organization must first establish the level of their security needs and then determined which combination of proactive and reactive strategies is associated with the lowest rates of security failure for the organization. Knowledge of the plausible software vulnerabilities and associated risks can help to determine the ideal blend of proactive or reactive approaches. While this paper has worked to establish a clear definition between these two approaches, it should be noted that proactive and reactive strategies are not mutually exclusive interactions and overlays occurs between these two major strategies. The general goal of a software security system has both proactive and reactive elements, to have a fault tolerant design and maximum system availability in case an attack is perpetrated.
  • 11. PRO VS. REACTIVE 11 Appendix A: Security Strategy Threat/attack assessment Per - attack/threat develop: Proactive Strategy Vulnerability assessment Risk analysis Mitigation investments (policies/controls) Continuity of operations plan (COOP) Reactive Strategy Damage assessment Implement COOP Determine source of attack Repair and document damages Review outcome & policy effectiveness Adjust policy accordingly Appendix B: Average maturity level from all 42 BSIMM firms Software Security Framework (SSF): INTELLIGENCE: 1. ATTACK MODELS: Threat modeling, abuse cases, data classification, technology- specific attack patterns. 2. SECURITY FEATURES AND DESIGN: Security patterns for major security controls, middleware frameworks for controls, proactive security guidance.
  • 12. PRO VS. REACTIVE 12 3. STANDARDS AND REQUIREMENTS: Explicit security requirements, recommended COTS, standards for major security controls, standards for technologies in use, standards review board. SSDL TOUCHPOINTS: 1. ARCHITECTURE ANALYSIS: Capturing software architecture diagrams, applying lists of risks and threats, adopting a process for review, building an assessment and remediation plan. 2. CODE REVIEW: Use of code review tools, development of customized rules, profiles for tool use by different roles, manual analysis, ranking/measuring results. 3. SECURITY TESTING: Use of black box security tools in QA, risk driven white box testing, application of the attack model, code coverage analysis. DEPLOYMENT: 1. PENETRATION TESTING: Vulnerabilities in final configuration, feeds to defect management and mitigation. 2. SOFTWARE ENVIRONMENT: OS and platform patching, Web application firewalls, installation and configuration documentation, application monitoring, change management, code signing. 3. CONFIGURATION MNGT & VULNERABILITY MNGT: Patching and updating applications, version control, defect tracking and remediation, incident handling. GOVERNANCE: 1. STRATEGY AND METRICS: Planning, assigning roles and responsibilities, identifying software security goals, determining budgets, identifying metrics and gates. 2. COMPLIANCE AND POLICY: Identifying controls for compliance regimens, developing contractual controls (COTS SLA),setting organizational policy, auditing against policy. 3. TRAINING The software security framework (SSF). (n.d.). BSIMM3. Retrieved February 25, 2012, from Cigital website: http://bsimm.com/online/