Gavilan College Application Using the OWASP Attack Surface Analysis Cheat Sheet Review
Description
Activity 7.1: Review an Application Using the OWASP Attack Surface Analysis Cheat Sheet
In this exercise you will use the Open Web Application Security Project Application Attack Surface Analysis Cheat Sheet. If you are not completely familiar with an application in your organization, you may find it helpful to talk to an application administrator, DevOps engineer, or developer.
Part 1: Review the OWASP Attack Surface Analysis Cheat Sheet.?The cheat sheet can be found at https://cheatsheetseries.owasp.org/cheatsheets/Attack_Surface_Analysis_Cheat_Sheet.html
Review the cheat sheet, and make sure that you understand how application attack surfaces are mapped. If you’re not familiar with the topic area, spend some time researching it.
Part 2: Select an application you are familiar with and follow the cheat sheet to map the application’s attack surface.?Select an application that you have experience with from your professional experience and follow the cheat sheet. If you do not know an answer, note that you cannot identify the information and move on.
Part 3: Measure the application’s attack surface.?Use your responses to analyze the application’s attack surface. Answer the following questions:What are the high-risk attack surface areas?
What entry points exist for the application?
Can you calculate the Relative Attack Surface Quotient for the application using the data you have? If not, why not?
What did you learn by doing this mapping?Part 4: Manage the attack surface.?Using your mapping, identify how (and if!) you should modify the application’s attack surface. What would you change and why? Are there controls or decisions that you would make differently in different circumstances?
Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."