• Home
• Benefits
  • Better
    • Defensible Decisions
    • Holistic Approach
    • Architectural Focus
    • Determine ROI
    • Communication
    • Optimize Risk
    • Due Diligence
  • Faster
  • Cheaper
• Risk Modeling
  • Methodology
    • Premise
    • Attack Tree Analysis
    • Advantages
  • Software
  • FAQ
• Demos
  • Demos
  • Videos
• Documents
  • Documents
  • Tutorial
  • Links
• Customization
• Software Trial
• U.S. Gov't & Defense
  • NCAGE / CCR
  • National Stock Numbers
  • Sensitive Environments
• Company Info
• Contact Us

SecurITree is Better

3: Architectural Focus

Most security problems arise from bad architectural design. Attempting to fix each specific defect is tedious, time consuming and expensive. It is also a never ending task. As soon as a particular problem is solved the attackers will find another, similar way of exploiting the architectural flaw. The real solution is to find the architectural defect and correct it. This allows you to thwart attacks that exploit vulnerabilities that haven't even been discovered yet!

A SecurITree analyst creates an attack model by first considering the classes of attacks possible against a target. Known exploits are incorporated into the model as instances of attack classes. Including previous attacks in the model allows the analyst to understand the resources required for similar attacks. SecurITree's architectural focus makes it possible to anticipate attacks that have not even been discovered. This shifts thinking from reactive to proactive. It is possible (and desirable) to analyze the security of a system at the design phase - before implementation.

<< Previous Item (2 of 7)       Up (To List)       Next Item (4 of 7) >>