The first phase of the SDLC is the ____ phase.
Initiation & Planning: Identify requirements, define project scope, budget, resources, and initial risk assessments.
The second phase of the SDLC is the ___ phase.
Design: Develop detailed system architecture, interfaces, data flows, and security models.
The third phase of the SDLC is the ___ phase.
Implementation (Coding/Development): Write, compile, and debug code.
The fourth phase of the SDLC is the ___ phase.
Testing: Validate functionality, security, and performance.
The fifth phase of the SDLC is the ___ phase.
Deployment: Release the software into the production environment.
The sixth phase of the SDLC is the ___ phase.
Maintenance: Ongoing support, updates, security patches, and monitoring.
How CVE aids in identifying threats and vulnerabilities:
CVE provides a standardized identifier for publicly disclosed cybersecurity vulnerabilities.
Aids in sharing data about vulnerabilities across multiple security tools and databases.
Helps organizations quickly understand, identify, and mitigate known threats.
Advantages of Waterfall methodology:
Simple, linear, clearly defined stages.
Easy to manage, schedule, and budget.
Effective for stable, clearly defined requirements.
Disadvantages of Waterfall methodology:
Not flexible to changes mid-cycle.
Delayed testing might result in costly changes.
Poor adaptation for dynamic or evolving requirements.
Advantages of Agile methodology:
Highly adaptable to changing requirements.
Incremental progress allows for continuous improvement.
Emphasis on collaboration and communication.
Disadvantages of Agile methodology:
Potential for scope creep.
Difficult to predict exact costs/timeframes initially.
Requires ongoing user involvement and communication.
Privacy Impact Assessment (PIA) should include:
Description of system or project.
Information collected and reason for collection.
Purpose and use of information.
Security measures protecting privacy.
Identification of privacy risks.
Recommendations for risk mitigation.
Use of Data Flow Diagrams (DFD) in software development:
DFDs visually represent data movement through a system.
They identify input, process, storage, and output elements.
Aid developers in understanding system operations and spotting potential security flaws such as improper data handling or leaks.
Threat ranking factors:
Likelihood (Probability): Chance of threat occurrence based on threat intelligence, historical data, or environment.
Impact (Severity): Magnitude of potential damage to confidentiality, integrity, and availability.
Black box testing involves:
Testing without knowledge of internal workings.
Testers provide inputs and evaluate outputs.
Simulates external attacker perspective.
Used to discover vulnerabilities from an outsider's viewpoint.
Code Review Process:
Systematic examination of source code.
Identifies bugs, vulnerabilities, and inefficiencies.
Usually involves peer reviews or automated analysis.
Improves overall quality, security, and compliance.
Essential Steps in Change Management:
Request & Proposal: Submission of requested change.
Impact Analysis: Evaluating risks, benefits, and impacts.
Approval: Management approval based on cost-benefit-risk.
Planning: Detailed scheduling of change activities.
Testing: Verify changes before production.
Implementation: Execution of the approved changes.
Review & Closure: Post-change assessment, documentation, and lessons learned.
Elements of policy compliance analysis:
Identification of relevant policies and regulatory requirements.
Gap analysis (current state vs desired state).
Identification of non-compliance areas.
Recommendations for corrective actions.
Continuous monitoring and periodic reassessment.
Penetration testing vs. Vulnerability scanning:
Penetration Testing: Active, manual testing, exploits vulnerabilities, simulates attacks; suitable for critical, high-risk software.
Vulnerability Scanning: Automated, passive scanning, identifies known vulnerabilities without exploitation.
Software Security Champion:
Advocates security within development teams.
Integrates security into development processes.
Expertise: software development, secure coding practices, threat modeling, and security testing techniques.
First category of STRIDE model:
Spoofing: Identity theft or impersonation.
Second category of STRIDE model:
Tampering: Unauthorized alteration of data.
Third category of STRIDE model:
Repudiation: Denying actions performed.
Fourth category of STRIDE model:
Information Disclosure: Unauthorized access to sensitive information.
Fifth category of STRIDE model:
Denial of Service (DoS): Interrupting availability.
Sixth category of STRIDE model:
Elevation of Privilege: Gaining unauthorized higher access level.
1st category of DREAD model:
Damage Potential: Severity of impact.
2nd category of DREAD model:
Reproducibility: Ease of triggering the exploit.
3rd category of DREAD model:
Exploitability: Required skill and resources to exploit.
4th category of DREAD model:
Affected Users: Number of users impacted.
5th category of DREAD model:
Discoverability: Ease of finding the vulnerability.
What the DREAD model is used for:
Helps prioritize security improvements and allocate resources effectively.
Prioritizes vulnerabilities based on:
Damage Potential: Severity of impact.
Reproducibility: Ease of triggering the exploit.
Exploitability: Required skill and resources to exploit.
Affected Users: Number of users impacted.
Discoverability: Ease of finding the vulnerability.
PASTA stands for?
Process for Attack Simulation and Threat Analysis (PASTA).
1st stage of PASTA
Define the Objectives
2nd stage of PASTA
Define the Technical Scope
3rd stage of PASTA
Decompose the Application
4th stage of PASTA
Analyze the Threats
5th stage of PASTA
Vulnerability Analysis
6th stage of PASTA
Attack Analysis
7th stage of PASTA
Risk and Impact Analysis
In PASTA what goes on in the Define Objectives stage:
Identify business goals and security requirements.
Define compliance and regulatory obligations.
Establish scope and objectives for the assessment.
Example: Protect customer payment data and maintain PCI DSS compliance.
In PASTA what goes on in the Define Technical Scope stage:
Identify system boundaries and components.
Document application architecture, data flows, and interfaces.
Example: Web application, database servers, API services.
In PASTA what goes on in the Decompose the Application stage:
In PASTA what goes on in the Analyze the Threats stage:
Identify potential threats and attack scenarios.
Use threat libraries (STRIDE, OWASP Top 10, CVE) for guidance.
Analyze potential attack vectors based on architecture and components.
Example: SQL injection, Cross-site scripting (XSS), API abuse.
In PASTA what goes on in the Vulnerability Analysis stage:
Identify known vulnerabilities and security weaknesses in components.
Utilize security scanning tools, CVE databases, and vulnerability assessments.
Example: Outdated software versions, misconfigured authentication.
In PASTA what goes on in the Attack Analysis stage:
Simulate realistic attack scenarios.
Develop attack trees and exploit paths.
Prioritize attacks based on feasibility and impact.
Example: Simulate SQL injection leading to data exfiltration.
In PASTA what goes on in the Risk and Impact Analysis stage:
Evaluate risks by considering threat likelihood and business impact.
Quantify risk and develop mitigation strategies.
Provide prioritized recommendations aligned with business goals.
Example: Patch critical vulnerabilities first, enhance monitoring, implement WAF rules.
Benefits of PASTA:
Aligns technical threats with business impacts.
Provides clear visibility into security risk.
Enables effective prioritization of remediation efforts.
Improves decision-making through structured risk analysis.