Analysis of the main components of danger in the construction of information security system of the enterprise

Abstract

The paper analyzes the main components of the information security system of enterprises, which include attacks, threats and vulnerabilities. Based on the current state of research, common lists and classifiers of attacks and vulnerabilities have been reviewed that allow the professional community to use them to describe and investigate the components of a hazard. The results of the work can be used to analyze existing threats and describe the components of an enterprise information security management system.

Keywords: information security, classification, threat, attack, vulnerability.

References
1. Cherian Samuel. ―Cybersecurity: Global, Regional and Domestic Dynamics ―.Institut for Defence Studies and Analyses. New Delhi. Monograph series No42.dec2014.рр10 84с.
2. Kevin Granville ―Recent cyberattacks‖. feb. 5,2015 URL: https://www.nytimes.com/interactive/2015/02/05/ technology/recent-cyberattacks.html?_r=1
3. Ben Rossi ―Top 10 most devastating cyber hacks of 2015‖. Dec. 10,2015 URL: https://www.information-age.com/top-10-most-devastating-cyber-hacks-2015-123460657/
4. James A. Lewis ―Rethinking Cybersecurity: Stratedy, Mass Effect and States‖.CSIS. Jan. 2018. 50с.
5. Cve details. URL: https://www.cvedetails.com/vulnerability-search.php 6. CWE List .View the List of Weaknesses URL: https://cwe.mitre.org/data/index.html Apr. 13 2018. 7. Топ-10 OWASP URL: https://www.imperva.com/app-security/owasp-top-10/
8. Mathy Vanhoef. ―Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse. imec-DistriNet.‖ KU Leuven. 2017 . URL : https://www.krackattacks.com/
9. Bugcrowd Vulnerability Rating Taxonomy by Bugcrowd.com v1.4. Apr. 13 2018. URL: https://bugcrowd.com/vulnerability-rating-taxonomy.