August 2018
Beginner
594 pages
22h 33m
English
Content preview from Software Architect's Handbook
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Decomposing an application
While a new software system is being designed, or during the analysis of an existing software system, we want to begin threat modeling with an understanding of the software system. Decomposing an application helps us to understand our software application better and uncover security vulnerabilities. Decomposing an application includes knowing the assets that an attacker may be interested in, the potential attackers of the system, the interactions with external entities, and the entry points into the system.
Organizations and their software systems have assets, which are the things of value to attackers. Assets might be physical, such as obtaining login credentials or a software system's data. They can also be abstract, ...