Skip to content
#

threat-modeling

Star

Here are 59 public repositories matching this topic...

Language: All
Filter by language
All 59 JavaScript 8 Python 8 Java 7 HTML 5 Jupyter Notebook 2 C# 1 CSS 1 Gherkin 1 Dockerfile 1 HCL 1
Sort: Best match
Sort options
Best match Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

izar / pytm

Star
Open

AA03 - is every implementsAuthenticationScheme an SSO scheme?

colesmj
colesmj commented Oct 21, 2018

"AA03": { "description": "Weakness in SSO Authorization", "source": (Process, Element), "target": (Process, Server), "condition": "target.implementsAuthenticationScheme is False", },

What if the Process implements BasicAuth or uses mutual TLS (neither of which is SSO)?
If the Process uses SAML or OAuth, then maybe.
Maybe authenticationScheme as a string var is neces

Read more
Hacktoberfest enhancement good first issue
Find more good first issues

Improve this page

Add a description, image, and links to the threat-modeling topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the threat-modeling topic, visit your repo's landing page and select "manage topics."

Learn more

You can’t perform that action at this time.