Map classic goals to modern attack data and control baselines.
Confidentiality — only authorized parties read data. Example: encrypt S3 objects; restrict KMS keys.
Integrity — data and code are not tampered with. Example: signed commits; RDS backups with immutability.
Availability — systems work when needed. Example: multi-AZ; DDoS protection; runbooked failover.
Real systems trade off cost and usability; threat modeling clarifies which leg matters most per asset.
Each row has a one-line mitigation focus:
Enforce server-side authorization; deny by default; test IDOR.
TLS everywhere; strong algorithms; protect keys; no sensitive data in URLs.
Parameterize queries; validate input; avoid unsafe eval/OS calls.
Threat modeling; secure defaults; rate limits; business logic review.
Harden stacks; minimal features; automated config checks.
SCA in CI; patch SLAs; virtual patching where needed.
MFA; secure session management; credential stuffing defenses.
Signed artifacts; verify dependencies; secure CI/CD.
Detect breaches; retain audit logs; alert on anomalies.
Segment networks; allowlist destinations; metadata service protections.