Learning Goal: I’m working on a cyber security multi-part question and need an explanation and answer to help me learn.
Activity 7.1: Review an Application Using the OWASP Attack Surface Analysis Cheat Sheet
In this exercise you will use the Open Web Application Security Project Application Attack Surface Analysis Cheat Sheet. If you are not completely familiar with an application in your organization, you may find it helpful to talk to an application administrator, DevOps engineer, or developer.
Part 1: Review the OWASP Attack Surface Analysis Cheat Sheet. The cheat sheet can be found at https://cheatsheetseries.owasp.org/cheatsheets/Attack_Surface_Analysis_Cheat_Sheet.htmlLinks to an external site.
Review the cheat sheet, and make sure that you understand how application attack surfaces are mapped. If you’re not familiar with the topic area, spend some time researching it.
Part 2: Select an application you are familiar with and follow the cheat sheet to map the application’s attack surface. Select an application that you have experience with from your professional experience and follow the cheat sheet. If you do not know an answer, note that you cannot identify the information and move on.
Part 3: Measure the application’s attack surface. Use your responses to analyze the application’s attack surface. Answer the following questions:What are the high-risk attack surface areas?
What entry points exist for the application?
Can you calculate the Relative Attack Surface Quotient for the application using the data you have? If not, why not?
What did you learn by doing this mapping?Part 4: Manage the attack surface. Using your mapping, identify how (and if!) you should modify the application’s attack surface. What would you change and why? Are there controls or decisions that you would make differently in different circumstances?
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more
Recent Comments