Security Patterns

From Guidance Share

(Difference between revisions)
Jump to: navigation, search
Revision as of 18:09, 21 June 2008 (edit)
JD (Talk | contribs)

← Previous diff
Current revision (18:16, 21 June 2008) (edit)
JD (Talk | contribs)

 
Line 1: Line 1:
{| {|
| |
-[[image:InspectionCenter.gif]]+<!-- [[image:InspectionCenter.gif]] -->
|| ||
-A security inspection is a focused check against criteria. In practice, there are three types of inspections: design, code, and deployment inspections. Design inspections help identify key engineering issues that have cascading impact. Code inspections catch implementation issues. Deployment inspections catch runtime and configuration issues. During inspections, you check both whether good practices are implemented, and bad practices are avoided. +Security patterns are problem and solution pairs. Here you'll find four types of patterns: design, implementation, attack and vulnerability patterns. You can use the patterns to help shape your countermeasures and to help understand the potential security issues that your software faces. Design patterns help you solve key engineering issues that have cascading impact. Attack patterns help you understand the ways that software is attacked. Vulnerability patterns help you understand the ways that software is vulnerable to attacks. Use the patterns to help you leverage proven practices and to help you avoid known bad practices. Remember that patterns are starting points.
| |
|} |}
Line 11: Line 11:
|- valign="top" |- valign="top"
| |
-=== Getting Started ===+=== Design Patterns ===
-* [[At a Glance: Security Inspections]]+* [[Security Design Patterns]]
- Attack Patterns – Vulnerability Patterns – Security Design Patterns – Security Implementation Patterns  
-=== Techniques ===+=== Implementation Patterns ===
-* [[Security Design Inspection]] +* [[Security Implementation Patterns]]
-* [[Security Code Inspection]]+ 
-* [[Security Deployment Inspection]]+
|| ||
-=== Design Inspection Questions ===+=== Attack Patterns ===
-* [[Web Application Security Design Inspection Questions]]+* [[Attack Patterns]]
-=== Code Inspection Questions ===+=== Vulnerability Patterns ===
-* [[.NET Framework 2.0 Security Inspection Questions]]+* [[Vulnerability Patterns]]
-* [[ASP.NET 2.0 Security Inspection Questions]] +

Current revision

Security patterns are problem and solution pairs. Here you'll find four types of patterns: design, implementation, attack and vulnerability patterns. You can use the patterns to help shape your countermeasures and to help understand the potential security issues that your software faces. Design patterns help you solve key engineering issues that have cascading impact. Attack patterns help you understand the ways that software is attacked. Vulnerability patterns help you understand the ways that software is vulnerable to attacks. Use the patterns to help you leverage proven practices and to help you avoid known bad practices. Remember that patterns are starting points.


Design Patterns


Implementation Patterns



Attack Patterns


Vulnerability Patterns





Personal tools