that every risk that is present in an environment can be mitigated. This cannot be further from the truth. There are certain points where risks will have to be accepted, as there would be several constraints intertwined with their mitigation. It might be cost-prohibitive, where the cost of mitigating the risk would be greater than the cost of leaving the risk unmitigated. It might not be possible to mitigate certain risks because of constraints imposed by third parties whose involvement is necessary for mitigating a particular risk. It might not be achievable quickly, because it would involve downtime of a critical system. Risk acceptance needs to be understood and utilized as a course of action only in circumstances where it is possible to do so. It is usually seen that organizations choose to address high- and medium-impact threats, as they are usually very severe in nature. Low-impact threats are not mitigated or are mitigated at a later date.
5.6 Risk Assessment for an Existing Web Application
Earlier, we discussed a possible scenario where security is built from the ground up into an application and is developed and implemented based on the risk assessment and risk mitigation plans that are drawn up as part of the process. However, there are umpteen Web applications in operation where security is still a major weakness, as the said risk assessment and mitigation strategies were not considered before the development and deployment of the Web application. Thousands of such organizations all over the world have deployed Web applications on the Internet, and security functionality needs to be implemented for these Web applications. In such cases, the existing subprocesses in the risk assessment phase need to be tweaked by a small margin to ensure that risk assessment is effective and comprehensive.
The process that needs to be added to the risk assessment phase is vulnerability assessment. This process succeeds the system characterization process and precedes the threat analysis process. In the case of an existing Web application, a detailed vulnerability assessment needs to be carried out, in which the vulnerabilities in the existing Web application are brought to light through manual and automated Web application vulnerability assessment. Vulnerability assessment includes several manual and automated processes, which include the use of Web application vulnerability scanners, Web application proxies, and spidering tools, as well as manual processes such as access control reviews, review of the cryptographic implementation, and code reviews for security. These methods of assessment need to be part of the vulnerability assessment phase, and it must be ensured that vulnerabilities that manifest in the existing application are properly assessed and brought to light. These vulnerabilities are used during the threat modeling phase, and the security functionality is based on the same.
The same has been highlighted in Figure 5.8.
5.7 Summary
Risk management was the main area of focus of this chapter. We looked into the reasons why risk management is required for Web applications. We explored the multifarious benefits of risk management, including clarity for the security controls and management interaction. We went over, in brief, the phases involved in the risk management cycle, namely, risk assessment, risk mitigation, and continuous evaluation, and delved into the significance of all these processes and their benefits in the risk management cycle. The risk assessment phase was explained, where we have utilized principles for structured risk assessment methodologies to understand and assess risks