Prioritization of Threats via DREAD System

DREAD system is designed to provide a rating for a threat by answering 5 main questions of which are:

  • Damage Potential: How severe would the damage be?
  • Reproducibility: How complicated is it for attacker to reproduce the exploit?
  • Exploitability: How hard is it to perform the attack?
  • Affected Users: How many user will likely to be affected?
  • Discoverability: How hard for an attacker to discover the weakness?

 

Leave a Reply

Your email address will not be published. Required fields are marked *