Source: DREAD (Risk Assessment Model)
DREAD is part of a system for risk-assessing computer security threats previously used at Microsoft and currently used by OpenStack and many other corporations. It provides a mnemonic for risk rating security threats using five categories.
The categories are:
- Damage – how bad would an attack be?
- Reproducibility – how easy is it to reproduce the attack?
- Exploitability – how much work is it to launch the attack?
- Affected users – how many people will be impacted?
- Discoverability – how easy is it to discover the threat?
Source: OWASP Bucharest AppSec Conference 2017
OWASP Bucharest team is happy to announce the OWASP Bucharest AppSec Conference 2017 a three days Security and Hacking Conference with additional training days dedicated to the application security. It will take place 11th through 13th of October, 2017 – Bucharest, Romania. With 11th and 12th being training only days, 13th of October is the day of the conference!
The stated objective of the OWASP’s Bucharest AppSec Conference is to “raise awareness about application security and to bring high-quality security content provided by renowned professionals in the European region.”
Registration is free and all materials are available under a free and open software license.
Who Should Attend?
- Application Developers
- Application Testers and Quality Assurance
- Application Project Management and Staff
- Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
- Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
- Security Managers and Staff
- Executives, Managers, and Staff Responsible for IT Security Governance
- IT Professionals interested in improving IT Security
- Anyone interested in learning about or promoting Web Application Security
Further information about the talks is available here. Registration is FREE so you just need to book your seat using this link, print your ticket and present it at the entrance.
Check out the training opportunities here and be advised as the number of available seats is limited!
Spoilers: Adobe Romania’s , Cristian OPINCARU will be delivering an awesome talk on “Protecting against credential stuffing attacks” and Cristina NICA, Andreea CUTLACAI & Daniela ENE organized a very interesting panel discussion on Women in AppSec!