Reference – Security Bug Assessment Model – STRIDE

Before the current focus on security at Microsoft, all security bugs there were rated using the DREAD model (see prior post). Now, Microsoft rates each security bug using the STRIDE model. STRIDE is an acronym that stands for:

  • Spoofing
  • Tampering
  • Repudiation
  • Information Discovery
  • Denial of Service (DoS)
  • Elevation of Privilege (EoP)

 
