Use of Concept: attack surface analysis report

Creator

Description

Attack Surface Analysis Report
The purpose of an Attack Surface Analysis Report is to provide uidance on the risk areas of an attack surface for a system. This will make developers and security specialists aware of what parts of the application are open to attack and help them find ways to minimizing this. Security architects and penetration testers usually perform the Attack ZSurface Analysis, but developers should underrstand and monitor the attci surface as they design, build and change a system. An Attack Surface Analysis Report can also help to:
* Identify the functions or parts of the system need to be reviewd/tested for security vulnerabilities
* Identify areas of code that require extra protection
* Identify changes in the attack surface that need a threat assessment

Attack Surface Analysis Report includes:
* attack surface list
* mission decomposition and criticality analysis
* attack surface analysis

Owning Diagram A41: Update Cyber Threat Assessment and Kill Chain Analysis

ICOM Details:

Input inherited from Activity A41 Update Cyber Threat Assessment and Kill Chain Analysis.
Input on Activity A411 Update Threat Assessment.