Threats and Countermeasures Patterns

From Guidance Share

Attack Patterns

• Buffer Overflow Attack Pattern
• SQL Injection Attack Pattern

Design Patterns

• Choke Point
• Trusted Subsystem
• Impersonation Delegation
• Exception Gatekeeper

Implementation Patterns

• White List Input
• Black List Input
• Type Safe SQL
• Escaping Special SQL Characters
• SQL Query Concatenation

Vulnerability Patterns

• Buffer Overflow Vulnerability Pattern
• Integer Overflow Vulnerability Pattern
• SQL Injection Vulnerability Pattern

Templates for Patterns

• Attack Pattern Template
• Vulnerability Pattern Template