feat: published reference bib
This commit is contained in:
Jannik Meier
@@ -0,0 +1,542 @@
|
||||
% Referenzen für 4ca – Bedrohungsmodellierung / OWASP
|
||||
|
||||
@misc{owasp_top10_2021,
|
||||
author = {{OWASP Foundation}},
|
||||
title = {{OWASP Top 10:2021}},
|
||||
year = {2021},
|
||||
url = {https://owasp.org/Top10/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{owasp_asvs,
|
||||
author = {{OWASP Foundation}},
|
||||
title = {{Application Security Verification Standard (ASVS) v4.0.3}},
|
||||
year = {2021},
|
||||
url = {https://owasp.org/www-project-application-security-verification-standard/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{owasp_risk_rating,
|
||||
author = {{OWASP Foundation}},
|
||||
title = {{OWASP Risk Rating Methodology}},
|
||||
year = {2021},
|
||||
url = {https://owasp.org/www-community/OWASP_Risk_Rating_Methodology},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe_mitre,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{Common Weakness Enumeration (CWE)}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{mitre_attack,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{MITRE ATT\&CK Enterprise Matrix}},
|
||||
year = {2024},
|
||||
url = {https://attack.mitre.org/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@techreport{nist_sp800_53,
|
||||
author = {{National Institute of Standards and Technology}},
|
||||
title = {{Security and Privacy Controls for Information Systems and Organizations (SP 800-53 Rev. 5)}},
|
||||
institution = {NIST},
|
||||
year = {2020},
|
||||
number = {SP 800-53 Rev. 5},
|
||||
doi = {10.6028/NIST.SP.800-53r5}
|
||||
}
|
||||
|
||||
@techreport{bsi_app31,
|
||||
author = {{Bundesamt für Sicherheit in der Informationstechnik}},
|
||||
title = {{IT-Grundschutz-Baustein APP.3.1: Webanwendungen und Webservices}},
|
||||
institution = {BSI},
|
||||
year = {2023},
|
||||
url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/Kompendium/IT_Grundschutz_Kompendium_Edition2023.pdf}
|
||||
}
|
||||
|
||||
@techreport{nist_pqc_2024,
|
||||
author = {{National Institute of Standards and Technology}},
|
||||
title = {{Post-Quantum Cryptography Standards: FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), FIPS 205 (SLH-DSA)}},
|
||||
institution = {NIST},
|
||||
year = {2024},
|
||||
url = {https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization}
|
||||
}
|
||||
|
||||
@misc{spycloud_2024,
|
||||
author = {{SpyCloud}},
|
||||
title = {{Annual Identity Exposure Report 2024}},
|
||||
year = {2024},
|
||||
url = {https://spycloud.com/resource/2024-annual-identity-exposure-report/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{mandiant_mtrends_2024,
|
||||
author = {{Mandiant}},
|
||||
title = {{M-Trends 2024: Special Report}},
|
||||
year = {2024},
|
||||
url = {https://www.mandiant.com/m-trends},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{uber_breach_2022,
|
||||
author = {{Uber Technologies}},
|
||||
title = {{Security Update -- September 2022}},
|
||||
year = {2022},
|
||||
url = {https://www.uber.com/newsroom/security-update/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{capitalone_breach_2019,
|
||||
author = {Krebs, Brian},
|
||||
title = {{Capital One Data Theft Impacts 106M People}},
|
||||
howpublished = {KrebsOnSecurity},
|
||||
year = {2019},
|
||||
url = {https://krebsonsecurity.com/2019/07/capital-one-data-theft-impacts-106m-people/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{twitter_plaintext_2018,
|
||||
author = {{Twitter}},
|
||||
title = {{Keeping your account secure}},
|
||||
year = {2018},
|
||||
url = {https://blog.twitter.com/en_us/topics/company/2018/keeping-your-account-secure},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{cve_log4shell,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2021-44228: Apache Log4j2 Remote Code Execution (Log4Shell)}},
|
||||
year = {2021},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2021-44228},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_spring4shell,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2022-22965: Spring Framework Remote Code Execution (Spring4Shell)}},
|
||||
year = {2022},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2022-22965},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_confluence_2022,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2022-26134: Confluence Server OGNL Injection}},
|
||||
year = {2022},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2022-26134},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_freak,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2015-0204: FREAK – Factoring RSA Export Keys}},
|
||||
year = {2015},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2015-0204},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_logjam,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2015-4000: Logjam TLS Downgrade Attack}},
|
||||
year = {2015},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2015-4000},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_crime,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2012-4929: CRIME -- Compression Ratio Info-leak Made Easy}},
|
||||
year = {2012},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2012-4929},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_jackson_2017,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2017-7525: Jackson-databind Deserialization Vulnerability}},
|
||||
year = {2017},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2017-7525},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_jquery_2019,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2019-11358: jQuery Prototype Pollution}},
|
||||
year = {2019},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2019-11358},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_dompurify_2020,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2020-26870: DOMPurify Mutation XSS Bypass}},
|
||||
year = {2020},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2020-26870},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{cve_exchange_2020,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2020-0688: Microsoft Exchange Server Remote Code Execution}},
|
||||
year = {2020},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2020-0688},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{iso_27001,
|
||||
author = {{International Organization for Standardization}},
|
||||
title = {{ISO/IEC 27001:2022 -- Information Security Management Systems}},
|
||||
year = {2022},
|
||||
url = {https://www.iso.org/standard/82875.html}
|
||||
}
|
||||
|
||||
@misc{nis2_directive,
|
||||
author = {{Europäisches Parlament und Rat der Europäischen Union}},
|
||||
title = {{Richtlinie (EU) 2022/2555 über Maßnahmen für ein hohes gemeinsames Cybersicherheitsniveau in der Union (NIS2)}},
|
||||
year = {2022},
|
||||
url = {https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32022L2555}
|
||||
}
|
||||
|
||||
@misc{dsgvo_art32,
|
||||
author = {{Europäisches Parlament und Rat der Europäischen Union}},
|
||||
title = {{Verordnung (EU) 2016/679 -- Datenschutz-Grundverordnung (DSGVO), Art. 32}},
|
||||
year = {2016},
|
||||
url = {https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32016R0679}
|
||||
}
|
||||
|
||||
@misc{fido2_webauthn,
|
||||
author = {{W3C and FIDO Alliance}},
|
||||
title = {{Web Authentication (WebAuthn) Level 2}},
|
||||
year = {2021},
|
||||
url = {https://www.w3.org/TR/webauthn-2/},
|
||||
note = {W3C Recommendation}
|
||||
}
|
||||
|
||||
@article{bell_lapadula,
|
||||
author = {Bell, D. E. and LaPadula, L. J.},
|
||||
title = {{Secure Computer Systems: Mathematical Foundations}},
|
||||
journal = {MITRE Technical Report MTR-2547},
|
||||
year = {1973},
|
||||
institution = {The MITRE Corporation}
|
||||
}
|
||||
|
||||
@misc{akamai_soti_2024,
|
||||
author = {{Akamai Technologies}},
|
||||
title = {{State of the Internet / Security: Credential Stuffing Report}},
|
||||
year = {2024},
|
||||
url = {https://www.akamai.com/resources/state-of-the-internet/soti-security},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{hibp,
|
||||
author = {Hunt, Troy},
|
||||
title = {{Have I Been Pwned -- Check if your email has been compromised}},
|
||||
year = {2013},
|
||||
url = {https://haveibeenpwned.com/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@techreport{rfc9106_argon2,
|
||||
author = {Biryukov, Alex and Dinu, Daniel and Khovratovich, Dmitry and Josefsson, Simon},
|
||||
title = {{Argon2 Memory-Hard Function for Password Hashing and Proof-of-Work Applications (RFC 9106)}},
|
||||
institution = {IETF},
|
||||
year = {2021},
|
||||
number = {RFC 9106},
|
||||
doi = {10.17487/RFC9106}
|
||||
}
|
||||
|
||||
@misc{owasp_sqli_cheatsheet,
|
||||
author = {{OWASP Foundation}},
|
||||
title = {{SQL Injection Prevention Cheat Sheet}},
|
||||
year = {2024},
|
||||
url = {https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{owasp_csrf_cheatsheet,
|
||||
author = {{OWASP Foundation}},
|
||||
title = {{Cross-Site Request Forgery Prevention Cheat Sheet}},
|
||||
year = {2024},
|
||||
url = {https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{doyensec_2023,
|
||||
author = {{Doyensec}},
|
||||
title = {{Threat Intelligence Platform Security Assessment -- Findings Summary}},
|
||||
year = {2023},
|
||||
note = {Interner Penetrationstest-Bericht; nicht öffentlich zugänglich}
|
||||
}
|
||||
|
||||
@misc{cve_jenkins_2017,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CVE-2017-1000353: Jenkins Remote Code Execution via Unsafe Deserialization}},
|
||||
year = {2017},
|
||||
url = {https://nvd.nist.gov/vuln/detail/CVE-2017-1000353},
|
||||
note = {National Vulnerability Database}
|
||||
}
|
||||
|
||||
@misc{trusted_types_w3c,
|
||||
author = {{W3C}},
|
||||
title = {{Trusted Types -- W3C Working Draft}},
|
||||
year = {2024},
|
||||
url = {https://w3c.github.io/trusted-types/dist/spec/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
% ── Neue Quellen (3b-Vertiefung) ────────────────────────────────────────────
|
||||
|
||||
@misc{bsi_grundschutz_online_kurs,
|
||||
author = {{Bundesamt für Sicherheit in der Informationstechnik}},
|
||||
title = {{Online-Kurs IT-Grundschutz -- Lektion 1: Einführung}},
|
||||
year = {2024},
|
||||
url = {https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/Zertifizierte-Informationssicherheit/IT-Grundschutzschulung/Online-Kurs-IT-Grundschutz/online-kurs-it-grundschutz_node.html},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{bsi_standards,
|
||||
author = {{Bundesamt für Sicherheit in der Informationstechnik}},
|
||||
title = {{BSI-Standards zur Informationssicherheit}},
|
||||
year = {2024},
|
||||
url = {https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/BSI-Standards/bsi-standards_node.html},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@techreport{bsi_200_2,
|
||||
author = {{Bundesamt für Sicherheit in der Informationstechnik}},
|
||||
title = {{BSI-Standard 200-2: IT-Grundschutz-Methodik}},
|
||||
institution = {BSI},
|
||||
year = {2017},
|
||||
url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/BSI_Standards/standard_200_2.pdf}
|
||||
}
|
||||
|
||||
@techreport{bsi_200_3,
|
||||
author = {{Bundesamt für Sicherheit in der Informationstechnik}},
|
||||
title = {{BSI-Standard 200-3: Risikoanalyse auf der Basis von IT-Grundschutz}},
|
||||
institution = {BSI},
|
||||
year = {2017},
|
||||
url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Grundschutz/BSI_Standards/standard_200_3.pdf}
|
||||
}
|
||||
|
||||
@misc{bdsg_2018,
|
||||
author = {{Bundesrepublik Deutschland}},
|
||||
title = {{Bundesdatenschutzgesetz (BDSG) in der Fassung vom 30.06.2017}},
|
||||
year = {2017},
|
||||
url = {https://www.gesetze-im-internet.de/bdsg_2018/},
|
||||
note = {BGBl. I S. 2097}
|
||||
}
|
||||
|
||||
@techreport{iso_31000,
|
||||
author = {{International Organization for Standardization}},
|
||||
title = {{ISO 31000:2018 -- Risk Management: Guidelines}},
|
||||
institution = {ISO},
|
||||
year = {2018},
|
||||
number = {ISO 31000:2018},
|
||||
url = {https://www.iso.org/standard/65694.html}
|
||||
}
|
||||
|
||||
@misc{iec_62443,
|
||||
author = {{International Electrotechnical Commission}},
|
||||
title = {{IEC 62443: Security for Industrial Automation and Control Systems}},
|
||||
year = {2023},
|
||||
url = {https://www.iec.ch/iecnorm/4716/}
|
||||
}
|
||||
|
||||
@misc{iec_61508,
|
||||
author = {{International Electrotechnical Commission}},
|
||||
title = {{IEC 61508: Functional Safety of E/E/PE Safety-Related Systems}},
|
||||
year = {2010},
|
||||
url = {https://www.iec.ch/functionalsafety/}
|
||||
}
|
||||
|
||||
@misc{eu_cra,
|
||||
author = {{Europäisches Parlament und Rat der Europäischen Union}},
|
||||
title = {{Verordnung (EU) 2024/2847 -- Cyber Resilience Act (CRA)}},
|
||||
year = {2024},
|
||||
url = {https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32024R2847}
|
||||
}
|
||||
|
||||
@misc{mitre_capec,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{Common Attack Pattern Enumeration and Classification (CAPEC)}},
|
||||
year = {2024},
|
||||
url = {https://capec.mitre.org/},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
@misc{enisa_threat_landscape,
|
||||
author = {{European Union Agency for Cybersecurity (ENISA)}},
|
||||
title = {{ENISA Threat Landscape 2024}},
|
||||
year = {2024},
|
||||
url = {https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024},
|
||||
note = {Abgerufen am 09.06.2026}
|
||||
}
|
||||
|
||||
% ── CWE – Common Weakness Enumeration ───────────────────────────────────────
|
||||
|
||||
@misc{cwe20,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-20: Improper Input Validation}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/20.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe89,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-89: Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/89.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe287,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-287: Improper Authentication}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/287.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe307,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-307: Improper Restriction of Excessive Authentication Attempts}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/307.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe502,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-502: Deserialization of Untrusted Data}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/502.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe521,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-521: Weak Password Requirements}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/521.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{cwe611,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{CWE-611: Improper Restriction of XML External Entity Reference}},
|
||||
year = {2024},
|
||||
url = {https://cwe.mitre.org/data/definitions/611.html},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
% ── MITRE ATT&CK – Offensive Taktiken ───────────────────────────────────────
|
||||
|
||||
@misc{t1059,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{T1059: Command and Scripting Interpreter}},
|
||||
year = {2024},
|
||||
url = {https://attack.mitre.org/techniques/T1059/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{t1078,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{T1078: Valid Accounts}},
|
||||
year = {2024},
|
||||
url = {https://attack.mitre.org/techniques/T1078/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{t1110004,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{T1110.004: Brute Force -- Credential Stuffing}},
|
||||
year = {2024},
|
||||
url = {https://attack.mitre.org/techniques/T1110/004/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{t1190,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{T1190: Exploit Public-Facing Application}},
|
||||
year = {2024},
|
||||
url = {https://attack.mitre.org/techniques/T1190/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
% ── MITRE D3FEND – Defensive Gegenmaßnahmen ─────────────────────────────────
|
||||
|
||||
@misc{d3anci,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-ANCI: Authentication Cache Invalidation}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:AuthenticationCacheInvalidation/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3cf,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-CF: Content Filtering}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:ContentFiltering/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3ch,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-CH: Credential Hardening}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:CredentialHardening/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3cts,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-CTS: Credential Transmission Scoping}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:CredentialTransmissionScoping/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3cv,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-CV: Content Validation}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:ContentValidation/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3dqsa,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-DQSA: Database Query String Analysis}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:DatabaseQueryStringAnalysis/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3ma,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-MA: Message Authentication}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:MessageAuthentication/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3mfa,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-MFA: Multi-factor Authentication}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:Multi-factorAuthentication/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
|
||||
@misc{d3spp,
|
||||
author = {{MITRE Corporation}},
|
||||
title = {{D3-SPP: Strong Password Policy}},
|
||||
year = {2024},
|
||||
url = {https://d3fend.mitre.org/technique/d3f:StrongPasswordPolicy/},
|
||||
note = {Abgerufen am 16.06.2026}
|
||||
}
|
||||
Reference in New Issue
Block a user