Difference between revisions of "Exploit"
From MgmtWiki
(→Full Title) |
(→Context) |
||
| Line 5: | Line 5: | ||
# Exploits are, as a rule, reported to the CVE | # Exploits are, as a rule, reported to the CVE | ||
# As a general rule [[Attacks]] are directed at known exploits, but can include simple exploration of the [[Ecosystem]] looking for an unknown [[Vulnerability]]. | # As a general rule [[Attacks]] are directed at known exploits, but can include simple exploration of the [[Ecosystem]] looking for an unknown [[Vulnerability]]. | ||
| + | |||
| + | ==Solutions== | ||
| + | * [[Indicators of Compromise]] for definitions of discovery when an [[Exploit]] has succeeded against a target. | ||
==References== | ==References== | ||
[[Category: Glossary]] | [[Category: Glossary]] | ||
Revision as of 12:39, 6 September 2022
Contents
Full Title
An Exploit is a malicious implementation of code that takes advantage of a Vulnerability in the design or implementation of a solution.
Context
- Exploits are part of the standard Threat Model
- Exploits are, as a rule, reported to the CVE
- As a general rule Attacks are directed at known exploits, but can include simple exploration of the Ecosystem looking for an unknown Vulnerability.
Solutions
- Indicators of Compromise for definitions of discovery when an Exploit has succeeded against a target.
