StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
2822405
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2010-05-12T20:09:31.887
FavoriteCount
0
LastActivityDate
2010-05-12T20:09:31.887
LastEditDate
LastEditorUserId
0
OwnerUserId
88656
ParentId
2821996
PostTypeId
2
Score
8
ViewCount
0
LastEditorDisplayName
text
Body
The first thing to do is build a threat model. Only once you understand: <ul> <li>what are the resources being protected?</li> <li>what are the vulnerabilities of those resources that expose them to attack?</li> <li>what are the motivations of attackers?</li> <li>what threats do the attackers pose?</li> </ul> can you reasonably start to craft a solution. For example, if the resource is my television, the vulnerability is an open window, the attackers have financial gain as a motive, and the threat they pose is the theft of my television, then I can start to craft a solution. Consider the multi-pronged solution that becomes apparent once you have a list of resources, vulnerabilities, motivations and threats. I can: <ul> <li>Make the vulnerability harder to exploit: close and lock the window, get an alarm, get unbreakable glass</li> <li>Make the resource less valuable to the attacker, thereby demotivating them: buy a cheaper, heavier television </li> <li>Make the loss of the resource less costly to me: buy insurance</li> <li>And so on.</li> </ul> Notice that a good solution has defense in depth. Don't just stop there. Look for more vulnerabilities. Look for more ways to demotivate attackers. Look for more ways to lower the cost of a successful attack. But all of this depends on having an accurate threat model, so do that first. Here's some resources to get you started: <a href="http://www.microsoft.com/security/sdl/getstarted/threatmodeling.aspx" rel="nofollow noreferrer">http://www.microsoft.com/security/sdl/getstarted/threatmodeling.aspx</a>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POApplication security issues to consider
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USEric Lippert
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POApplication security issues to consider
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COThanks Eric. Thats incredibly helpful information.
 singulars
 PostPostId
 PO
 UserUserId
 USuser279521

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.