White Hats, Hack Thyself
Classification Key: Security Pattern Space
Problem
The implementation of security mechanisms in a system has to be tested before the system is exposed to the real world. Finding all the bugs and vulnerabilities in a system is a very difficult task.
How can you be assured of the true security of your systems without real-world testing?
Solution
Apply gray hat techniques against your own system. Plan and execute an attack under controlled but non-trivial circumstances. Perform attacks on an ongoing basis and record the results. Use the results for testing and maintenance.
Known Uses
Sanctum’s AppScan can automate and document controlled web-based intrusion attempts.
Related Patterns
Risk Determination
Source
Romanosky Repository
Tags
Patch, Maintenance, Attack Response