Table 7 Defense mechanism configurations defined in securiCAD for cyber security Analysis

Host

ASLR

1

1

1

1

AntiMalware

1

0

1

0

DEP

1

1

1

1

Hardened

0

1

0

1

HostFirewall

1

0

1

0

Patched

0.95

0.5

0.75

0.25

StaticARPTables

1

1

1

1

Service

Patched

0.95

0.5

0.75

0.25

Client

Patched

0.95

0.5

0.75

0.25

Network

DNSSec

1

0

1

0

Authenticated

1

0

1

0

Nonce

1

0

1

0

SoftwareProduct (Hosts)

HasVendorSupport

1

1

1

1

NoPatchableVulnerability

0.2

0.5

0

0.75

NoUnpatchableVulnerability

0.99

0.99

0.9

0.99

SafeLanguages

0

0

0

0

Scrutinized

1

1

1

1

SecretBinary

0

0

0

0

SecretSource

0.5

0.5

0.5

0.5

StaticCodeAnalysis

1

1

1

1

SoftwareProduct (Clients & Services)

HasVendorSupport

1

1

1

1

NoPatchableVulnerability

0.1

0.75

0

0.75

NoUnpatchableVulnerability

0.75

0.99

0.9

0.99

SafeLanguages

0

0

0

0

Scrutinized

0.75

0.75

0.75

0.75

SecretBinary

0

0

0

0

SecretSource

1

1

1

1

StaticCodeAnalysis

1

0.25

1

0.25

ZoneManagement

AntiMalwarePolicy

1

1

1

0.5

ChangeControl

0.99

0.5

0.99

0.5

HostFirewall

0.99

0.5

0.99

0.5

PatchManagement

0

0

0

0

WebApplication

BlackBoxTesting

0.75

0.5

0.75

0.5

NoPublicCIVulnerabilities

0.95

1

0.95

1

NoPublicRFIVulnerabilities

0.95

1

0.95

1

NoPublicSQLIVulnerabilities

0.95

1

0.95

1

NoPublicXSSVulnerabilities

0.95

1

0.95

1

SecurityAwareDevelopers

0.75

0.5

0.75

0.5

StaticCodeAnalysis

0.5

0.5

0.5

0.5

TypeSafeAPI

0.75

0.25

0.75

0.25

Firewall

Enabled

1

1

1

1

KnownRuleSet

0.99

0.95

0.99

0.75

Datastore

Encrypted

0.5

0

0.5

0

AccessControl

Backoff

0.5

0

0.5

0

Enabled

1

1

1

1

HashedPasswordRepository

1

1

1

1

NoDefaultPasswords

0.99

0.5

0.99

0.25

PasswordPolicyEnforcement

1

0

1

0

Salting

1

1

1

0.5

User

SecurityAware

1

1

0

0

Keystore

Encrypted

1

1

1

1