Difference between revisions of "Security/Threat Analysis"
< Security
(→OpenStack Threat Anlaysis) |
(→Threat Analysis Steps) |
||
Line 4: | Line 4: | ||
=== Threat Analysis Steps === | === Threat Analysis Steps === | ||
<gallery> | <gallery> | ||
− | File:Modeling_steps.png| Threat Analysis Steps | + | [[File:Modeling_steps.png| Threat Analysis Steps]] |
</gallery> | </gallery> |
Revision as of 13:09, 13 November 2013
OpenStack Threat Anlaysis
This proposal is to start a threat analysis evaluation of the OpenStack system components. A threat analysis takes a comprehensive look at the system at hand – components, protocols and code - against the existence and capability of an adversary looking for known vulnerabilities. When a threat is identified, it is tallied and reported to the development team. In some cases, the threat analysis team may also include a suggestion to fix the vulnerabilities and related threat.