Fork me on GitHub

Information Gathering -> Monitoring: Defence metrics

Risk and Opportunity

Risk: IDS/IPS systems like packet- or application-firewalls detect and prevent attacks. It is not known how many attacks has been detected and blocked.
Opportunity: Gathering of defence metrics like TCP/UDP sources enables to assume the geographic location of the requeist.

Exploit details

Usefullness: High
Required knowledge: Medium (two disciplines)
Required time: Very High
Required resources (systems): Low

Additional Information

Dependencies: Visualized metrics
OWASP SAMM 2 Mapping: o-incident-management|A|2