# Acronyms, Abbreviations, and Initialisms

Short Form Full Form
SDLC Software Development Lifecycle
STRIDE Spoofing, Tampering, Repudiation, Information Disclosure, Denial-of-Service, and Elevation of Privilege

# Overview

STRIDE is an acronym that describes six categories of threats to software.

# Categories

The STRIDE acronym stands for:

  • Spoofing
  • Tampering
  • Repudiation
  • Information disclosure
  • Denial-of-service
  • Elevation of privilege

Spoofing is using someone else's credentials to gain access to otherwise inaccessible assets.

Tampering is changing data to mount an attack.

Repudiation occurs when a user denies performing an action, but the target of the action has no way to prove otherwise.

Information disclosure threats are the disclosure of information to a user who does not have permission to see it.

Denial-of-service attacks threaten the ability of valid users to access resources. The resources could be disk space, network connections, or a physical device. Attacks that slow performance to unacceptable levels are also considered denial-of-service attacks.

An elevation-of-privilege attack can occur if an unprivileged user gains privileged status.

# Noteworthy

  • STRIDE contains six categories.
  • STRIDE stands for spoofing, tampering, repudiation, information disclosure, denial-of-service, and elevation of privilege.

# Sources