 Web Applications Vulnerability Management using a Quantitative Stochastic Risk Modeling MethodSergiu Sechel () Informatica Economica, 2017, vol. 21, issue 3, 16-30 Abstract: The aim of this research is to propose a quantitative risk modeling method that reduces the guess work and uncertainty from the vulnerability and risk assessment activities of web based applications while providing users the flexibility to assess risk according to their risk appetite and tolerance with a high degree of assurance. The research method is based on the research done by the OWASP Foundation on this subject but their risk rating methodology needed de-bugging and updates in different in key areas that are presented in this paper. The modified risk modeling method uses Monte Carlo simulations to model risk characteristics that can’t be determined without guess work and it was tested in vulnerability assessment activities on real production systems and in theory by assigning discrete uniform assumptions to all risk charac-teristics (risk attributes) and evaluate the results after 1.5 million rounds of Monte Carlo simu-lations. Keywords: Vulnerabilities; Quantitative Risk; Web Applications; Monte Carlo; Stochastic Systems; Cybersecurity (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aes:infoec:v:21:y:2017:i:3:p:16-30 Access Statistics for this article Informatica Economica is currently edited by Ion Ivan More articles in Informatica Economica from Academy of Economic Studies - Bucharest, Romania Contact information at EDIRC. |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.