Risk Analysis Packages
A number of risk analysis packages can be used to simplify and standardise security reviews. The software will usually call on a database of experience, prioritise risks and vulnerabilities and suggest remedies for security weaknesses. Such packages do not replace experienced security staff, but provide a structure for reviews and a justification for recommendations as well as performing the calculations involved in achieving an objective assessment of risks and countermeasures. Examples of these are Riskpac, Security By Analysis, MARION and CRAMM.
Unable to display preview. Download preview PDF.