课程: Programming Foundations: Web Security
今天就开通帐号,24,600 门业界名师课程任您挑!
Threat models
- As a web developer, the most important part of security awareness is to assess potential threats to your website. The process of assessing potential security threats is called developing a threat model. Threat models are unique to each person or organization. They're a prioritized list of the risks and potential threats that a person or an organization faces. Threat models are not a new concept. Like many of the security principles that we'll examine, they've been used in military applications for centuries. Imagine a castle in the 13th century. The king and the queen are worried that their enemies will attack soon. How should they secure the castle? They start by examining their situation to develop a threat model. They know that enemies are most likely to attack from the north, and those enemies are likely soldiers on foot without heavy equipment. Their most valuable assets are the lives of their family, and…
下载课程离线学习
下载课程到移动设备,轻松离线学习。在领英学习 iOS 或安卓版 APP 下载课程