|
🍎
Targets
|
🚪
Weaknesses
|
🛡️
Defenses
|
🐛
Threats
|
general
|
Software system
|
Vulnerability
|
Operating system security
Secure by design
IDS
|
Malware
Viruses
Cyberattack
|
Authentication
|
Identity
|
Leaked, stolen, weak passwords
Security through obscurity
Default Credential vulnerability
|
Login
Password
MFA
Digital signature
|
Password cracking
Keystroke logging
Phishing
|
Authorization
|
Privilege
|
Debugging and administration tools Default permissions Backdoor
|
Principle of least privilege
ACL
|
Privilege escalation
|
Network
|
Availability Message authentication Session
|
Broadband access
|
Firewalls
DDoS mitigation
Message authentication code
TLS, HSTS, WPA3
|
Web exploits Cross-site scripting Denial-of-service attacks MITM Session hijacking
|
Data
|
Privacy Data integrity Confidentiality Sensitive information
|
Data access
|
Data security Encryption Data erasure Chain of trust Canary trap NBDE
|
Data breach Cryptographic attacks Tampering Ransomware
|
Application
|
Code
|
Arbitrary code execution
Security bug
Buffer overflow
|
Security testing
Defensive programming
Secure coding
Buffer overflow protection
NX bit
ASLR
|
Code injection
Exploits
|
Social networks
|
Private account
CC
Ad credit
|
Weak passwords
Password recovery
|
Security awareness
|
Phishing
Social engineering
|