[Context and motivation] Penetration testing is one key technique for discovering vulnerabilities, so that software can be made more secure. [Question/problem] Alignment between modeling techniques used earlier in a project and the development of penetration tests could enable a more systematic approach to such testing, and in some cases also enable creativity. [Principal ideas/results] This paper proposes an extension of HARM (Hacker Attack Representation Method) to achieve a systematic approach to penetration test development. [Contributions] The paper gives an outline of the approach, illustrated by an e-exam case study.
CITATION STYLE
Vegendla, A., Søgaard, T. M., & Sindre, G. (2016). Extending HARM to make test cases for penetration testing. In Lecture Notes in Business Information Processing (Vol. 249, pp. 254–265). Springer Verlag. https://doi.org/10.1007/978-3-319-39564-7_24
Mendeley helps you to discover research relevant for your work.