DREAD (risk assessment model)

From Wikipedia, the free encyclopedia

DREAD is part of a system for risk-assessing computer security threats that was formerly used at Microsoft.[1] It provides a mnemonic for risk rating security threats using five categories.

Categories

The categories are:

  • Damage – how bad would an attack be?
  • Reproducibility – how easy is it to reproduce the attack?
  • Exploitability – how much work is it to launch the attack?
  • Affected users – how many people will be impacted?
  • Discoverability – how easy is it to discover the threat?

The DREAD name comes from the initials of the five categories listed. It was initially proposed for threat modeling but was abandoned when it was discovered that the ratings are not very consistent and are subject to debate. It was discontinued at Microsoft by 2008.[2]

When a given threat is assessed using DREAD, each category is given a rating from 1 to 10.[3] The sum of all ratings for a given issue can be used to prioritize among different issues.

Discoverability debate

Some security experts feel that including the "Discoverability" element as the last D rewards security through obscurity, so some organizations have either moved to a DREAD-D "DREAD minus D" scale (which omits Discoverability) or always assume that Discoverability is at its maximum rating.[4][5]
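
The following is an added example, not part of the original article: it sums the 1 to 10 ratings to prioritize threats and shows how the ranking shifts under plain DREAD, DREAD-D, and Discoverability pinned to its maximum. The mode labels, class and function names, and the sample threats and ratings are constructed for illustration.

```python
from dataclasses import dataclass

CATEGORIES = ("damage", "reproducibility", "exploitability",
              "affected_users", "discoverability")

@dataclass(frozen=True)
class Threat:
    name: str
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self):
        # Each category is rated from 1 to 10; reject anything else.
        for cat in CATEGORIES:
            value = getattr(self, cat)
            if type(value) is not int or not 1 <= value <= 10:
                raise ValueError(f"{self.name}: {cat}={value!r} is not 1..10")

def score(threat, mode="dread"):
    """Sum the ratings under 'dread', 'minus_d' or 'max_d' (labels assumed here)."""
    ratings = {cat: getattr(threat, cat) for cat in CATEGORIES}
    if mode == "minus_d":      # DREAD-D: omit Discoverability
        del ratings["discoverability"]
    elif mode == "max_d":      # always assume maximum Discoverability
        ratings["discoverability"] = 10
    elif mode != "dread":
        raise ValueError(f"unknown mode: {mode!r}")
    return sum(ratings.values())

def prioritize(threats, mode="dread"):
    """Threat names, highest total first (ties keep input order)."""
    return [t.name for t in sorted(threats, key=lambda t: score(t, mode), reverse=True)]

# Constructed sample ratings, for illustration only.
SAMPLE = [
    Threat("reflected XSS on search page", 7, 9, 8, 7, 9),
    Threat("unlinked admin endpoint without auth", 9, 9, 8, 9, 2),
    Threat("verbose error page leaks stack trace", 3, 10, 9, 4, 10),
]

if __name__ == "__main__":
    for mode in ("dread", "minus_d", "max_d"):
        print(mode, [(t.name, score(t, mode)) for t in SAMPLE], prioritize(SAMPLE, mode))
```

With these ratings, the hard-to-find admin endpoint ranks second under plain DREAD but first under both alternatives, which is the effect the Discoverability objection describes.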

References

  1. ^ Shostack, Adam. "Experiences Threat Modeling at Microsoft" (PDF).
  2. ^ "Do you use DREAD as it is?". Archived from the original on 2016-03-06. Retrieved 2014-09-08.
  3. ^ "Security/OSSA-Metrics - OpenStack". wiki.openstack.org.
  4. ^ "Security/OSSA-Metrics - OpenStack". wiki.openstack.org.
  5. ^ "Threat Modeling | OWASP". owasp.org.

This page was last edited on 25 April 2024, at 01:28
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.