![]() | This article is rated C-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||
|
I want to write about mitigating threats, but it's largely "original research" in that I am just looking at the attack tree and pointing out obvious cause and effect. For example I stated that modifying the attack tree as close to the root is the most obvious way to eliminate as many threats as possible, but also adds other threats. This could be expanded on; but these are my own thoughts. On the other hand, these are proovable easily:
This means an entire discussion can be made on the thought path of mitigating flaws and how this affects the attack tree. On the OTHER hand, an ARGUMENT is present in the FACTS as well:
Here we show that mitigating A, B, and C in isolated and direct ways will add concerns for each option X, Y, Z used for mitigation. However, with more assumptions, we see an argument:
This means that basically by mitigating flaws close to the root, the minimum set of mitigation features and software is used, and thus added variables are kept to a minimum. As an example, individual incremental bug-fix patches on Apache, ProFTPd, and MySQL each create a risk of the software not working or encountering other security holes; while a system-level protection software such as PaX mitigates the intrusion threats covered by several of these patches while leaving the denial of service threats. Implementing PaX would bring similar concerns, but in much smaller force; and it would mitigate the individual concerns that each incrimental bug-fix patch may actually create an extra buffer overflow et al to replace the one it solves.
Hello fellow Wikipedians,
I have just modified one external link on Attack tree. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
{{
dead link}}
tag to
https://acc.dau.mil/CommunityBrowser.aspx?id=322427#8.5.3.3{{
dead link}}
tag to
http://www.innovativedecisions.com/documents/Buckshaw-Parnelletal.pdfWhen you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{
Sourcecheck}}
).
This message was posted before February 2018.
After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than
regular verification using the archive tool instructions below. Editors
have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the
RfC before doing mass systematic removals. This message is updated dynamically through the template {{
source check}}
(last update: 5 June 2024).
Cheers.— InternetArchiveBot ( Report bug) 02:36, 21 October 2016 (UTC)