Hacktica DSMM Entities (E1–E4)

DSMM
Hacktica DSMM Entities (E1–E4). Entity / Name / Description. E1: Input Layer (App Entities): fields and structures controlled by the user in the request payload → Param Name, Param Value, POST body, JSON, XML, Multipart, etc. → Request Headers…

Indexed Prevention Elements

sarc
SARC → PA Indexed Prevention Elements. D1. Signatures: [S1] RCE AV (Remote Command Execution), [S2] SQLi (SQL Injection), [S3] XSS (Cross-site Scripting), [S4] LFI (Local File Inclusion), [S5] RFI (Remote…

Hacktica AI environment

Security AI
If you want to do what we do with AI: Create a project. Hacktica AI feeds. Upload those files. Start asking questions in the protect prompt, e.g. What are my…

Risk Mitigation Score (RMS)

RMS
RMS is a custom security metric developed by Hacktica to quantify how effectively a security control (like a WAF or bot manager) reduces real-world risk. Hacktica RMS Strengths: 1. Focuses on…

Automated Traffic Threats

ATT
Hacktica DSMM defines four categories of automated traffic threat: 1. Data Collect (automated data harvesting and scraping) 2. Payloads Submit (spamming and sending misleading data, fake accounts and registration abuse) 3. Transactions Tweak (Manipulating…

Defensive Security Management Methodology (DSMM)

DSMM
DSMM (Defensive Security Management Methodology) turns security operations into measurable, value-driven engineering. Security is measurable. DSMM is Hacktica’s proprietary methodology that translates defensive security work into measurable business value.…

PE’s

WAF
• PE = traps to catch the attack Traffic footprint – elements of the rule – S/A/R/CI • Rule = combination of PE to find and prevent a known footprint of attack…

Security Evaluations @ WAF

WAF
Security Controls Assessment (SCA). WAF is the ultimate security solution for detecting and mitigating attacks against web applications. With proper configuration and a solid process, most web application attacks can be…

WAF types

WAF
WAF type: location / management. Screening WAF: on prem / cloud / fully managed service. Perimeter WAF: on prem / cloud / self managed, monolith / microservices. Mesh WAF: on prem / cloud / self managed, microservices.

WAF Workshop FAQ

WAF
A WAF has many considerations throughout its life cycle. Getting your WAF to good-enough security requires a solid review of Assents, Implementations and Response (AIR model). Workshops are small chunks…