From the course: Cloud Security Considerations for General Industry
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Software attack vectors
From the course: Cloud Security Considerations for General Industry
Software attack vectors
- [Kevin] Not to be overshadowed by infrastructure, software has many crucial vulnerabilities also. In fact, the Open Web Application Security Project, or OWASP, an online community focused on web application security, has developed a risk rating methodology that can be used to rate the severity of web application vulnerabilities. This basic framework leverages the standard risk model. Risk equals likelihood times impact. By identifying risk and looking at the skill level, motive, opportunity, and size of the threat agents and attack vectors, estimating the likelihood of harm by evaluating known security weaknesses and applicable security controls, and estimating the technical and business impact of an exploited vulnerability. This methodology is used to write the severity of risk to the application so that a prioritized list of what to fix can be made. Many organizations develop a customized risk rating model by modifying…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
Cloud computing key drivers2m 32s
-
(Locked)
Cloud computing characteristics3m 20s
-
(Locked)
Deployment models2m 53s
-
(Locked)
Service models6m 58s
-
(Locked)
IT implementation options1m 47s
-
(Locked)
Infrastructure attack vectors1m 25s
-
(Locked)
Software attack vectors2m 24s
-
(Locked)
Critical vulnerabilities3m 21s
-
-
-
-
-
-