



White Hats, Hack Thyself


Classification Key: Security Pattern Space

Problem

The implementation of security mechanisms in a system has to be tested before the system is exposed to the real world. Finding all the bugs and vulnerabilities in a system is a very difficult task. How can you be assured of the true security of your systems without real-world testing?

Solution

Apply gray hat techniques against your own system. Plan and execute an attack under controlled but non-trivial circumstances. Perform attacks on an ongoing basis and record the results. Use the results for testing and maintenance.

Known Uses

Sanctum’s AppScan can automate and document controlled web-based intrusion attempts.

Related Patterns

Risk Determination

Source

Romanosky Repository

Tags

Patch, Maintenance, Attack Response


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz