Architecture Risk Analysis (ARA) is a set of techniques that aims to discover design flaws and the risks they pose within a system. ARA does not replace other analysis techniques such as penetration testing and code review; it complements those techniques. Once you learn the techniques discussed in this course, you will have the skills needed to identify design-level defects — even if the system being analyzed has been pen-tested, code-reviewed, and released.
Delivery Format: eLearning
Duration: 1 hour 30 mintues
Level: Advanced
Intended Audience:
Prerequisites:
ARA Overview
Design Flaws and the Techniques That Find Them
ARA Output
Dependency Analysis
Known Attack Analysis
System-Specific Analysis
Guiding Principles for ARA
Models of an ARA System
Documenting ARA Findings
Security Testing