Secure Software Countermeasure / Software Vulnerability Matrix

Vulnerabilities (matrix columns):
- Memory overrun
- Weak runtime access control
- Weak integrity control
- Weak encryption
- Weak identity/authentication
- Weak application protocol
- Weak data validation
- Information leakage
- Unsafe error handling
- Command and SQL injection exposure
- Runtime control on dynamically allocated resources
- Incapacitation of system components
- Insecure audit trail
- XSS vulnerability
- CERT-Oracle standard reference

Countermeasures (matrix rows):
- Strong access control
- Secure audit trail
- Secure error messaging
- Prevent SQL injection
- Prevent command injection
- Prevent social engineering
- Prevent XSS
- Prevent information leakage (all of them)
- Prevent eavesdropping of the cache memory
- Prevent leakage from app-saved resources
- Prevent leakage from binary
- Prevent buffer overflow
- Prevent integer overflow
- Prevent format-string vulnerability
- Ensure secure use of cryptographic materials
- Strong identity/authentication
- Runtime authentication
- Digital signature
- Secure session management
- Strong application protocol
- Strong data validation
- Runtime integrity control
- Runtime resource control
- Runtime environment security

(The cell marks pairing each countermeasure with the vulnerabilities it addresses are not recoverable from this copy of the matrix; only the row and column headings above are preserved.)
Communication Devices Security Matrix
Device Vulnerabilities Countermeasures
Web browser
Web server
Mobile
Database Security Matrix
Vulnerability Countermeasures
PKI Security Matrix
Vulnerability Countermeasures