Difference between revisions of "Security/Threat Analysis"

Revision as of 13:07, 13 November 2013

OpenStack Threat Anlaysis

This proposal is to start a threat analysis evaluation of the OpenStack system components. A threat analysis takes a comprehensive look at the system at hand – components, protocols and code - against the existence and capability of an adversary looking for known vulnerabilities. When a threat is identified, it is tallied and reported to the development team. In some cases, the threat analysis team may also include a suggestion to fix the vulnerabilities and related threat.

Threat Analysis Steps

Threat Analysis Steps

@@ Line 1: / Line 1: @@
 == OpenStack Threat Anlaysis ==
 This proposal is to start a threat analysis evaluation of the OpenStack system components. A threat analysis takes a comprehensive look at the system at hand – components, protocols and code - against the existence and capability of an adversary looking for known vulnerabilities. When a threat is identified, it is tallied and reported to the development team. In some cases, the threat analysis team may also include a suggestion to fix the vulnerabilities and related threat.
+=== Threat Analysis Steps ===
+<gallery>
+File:Modeling_steps.png| Threat Analysis Steps
+</gallery>