Applications

There are a variety of ways to support web applications and attack surface varies by configuration as well the mitigations used to support the configuration.

In this section, we collect and evaluate the attack surface for common web application configurations with the intention to make this system available for reference in other ATTACKS.md files. The following attack model components have been defined:

1. E6-001 Basic 3-Tier Website / Same Subnet
2. E6-002 Basic 3-Tier Website / Different Subnets