Abuse Case
What is Abuse Case?
Abuse Case: A requirements artifact that describes how a malicious actor would deliberately try to misuse a system to harm users, data or the business.
An abuse case is the security-focused counterpart of a use case: instead of describing how a legitimate user reaches a goal, it describes how an attacker would intentionally break, subvert or weaponize a feature. Abuse cases are written during requirements and design, often alongside misuse cases, and feed directly into threat modeling, security requirements and test plans. Each abuse case typically identifies an actor, an attack goal, preconditions, the sequence of malicious actions and the expected impact. Capturing abuse cases early forces product, engineering and security to share a common picture of adversarial behaviour before code is written.
● Examples
- 01: Attacker abuses the password-reset flow to enumerate valid user accounts via response timing.
- 02: Malicious seller abuses a coupon endpoint to stack discounts beyond the intended limit.
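The following is an added example, not code from the page: it takes example 02 above, writes it down with the fields the definition names (actor, goal, preconditions, actions, impact), and shows how that artifact turns into an acceptance test. The coupon catalogue, the limits (`MAX_COUPONS`, `MAX_DISCOUNT_PCT`), the function names and the prices are all constructed for illustration. The naive handler stacks whatever codes the client sends; the hardened one refuses duplicates and over-limit requests outright rather than silently capping them, so an attempt produces an explicit, loggable rejection.

```python
from dataclasses import dataclass


@dataclass
class AbuseCase:
    """One abuse case, structured with the fields the definition names."""
    actor: str
    goal: str
    preconditions: list[str]
    actions: list[str]
    impact: str


# Example 02 from the page, written as a structured artifact (constructed wording).
COUPON_STACKING = AbuseCase(
    actor="malicious seller",
    goal="stack coupons so the discount exceeds the intended limit",
    preconditions=[
        "holds several valid coupon codes",
        "coupon endpoint accepts every code the client submits",
    ],
    actions=["apply SAVE10", "apply SAVE10 again", "apply SAVE20", "apply SAVE25", "check out"],
    impact="order priced below cost; the loss is absorbed by the business",
)

# Hypothetical business rules and coupon catalogue (constructed for the example).
MAX_COUPONS = 2
MAX_DISCOUNT_PCT = 30
COUPONS = {"SAVE10": 10, "SAVE20": 20, "SAVE25": 25}

# The attacker's action sequence, as the list of codes the client would submit.
ABUSE_SEQUENCE = ["SAVE10", "SAVE10", "SAVE20", "SAVE25"]


class CouponPolicyViolation(Exception):
    """Raised when a request breaks the coupon policy; callers should log it."""


def apply_coupons_naive(price: float, codes: list[str]) -> float:
    """Flawed handler: trusts the client and stacks every known code it is given."""
    total_pct = sum(COUPONS.get(code, 0) for code in codes)
    return round(price * (100 - total_pct) / 100, 2)


def apply_coupons_hardened(price: float, codes: list[str]) -> float:
    """Hardened handler: enforces the rule the abuse case violates.

    Unknown codes, duplicate codes, more than MAX_COUPONS codes, or a combined
    discount above MAX_DISCOUNT_PCT all reject the whole request instead of
    being quietly trimmed, so the attempt is visible to monitoring.
    """
    accepted: list[str] = []
    for code in codes:
        if code not in COUPONS:
            raise CouponPolicyViolation(f"unknown coupon {code!r}")
        if code in accepted:
            raise CouponPolicyViolation(f"coupon {code!r} applied twice")
        accepted.append(code)
    if len(accepted) > MAX_COUPONS:
        raise CouponPolicyViolation("too many coupons on one order")
    total_pct = sum(COUPONS[code] for code in accepted)
    if total_pct > MAX_DISCOUNT_PCT:
        raise CouponPolicyViolation("combined discount exceeds the limit")
    return round(price * (100 - total_pct) / 100, 2)


def policy_rejects(apply_fn, codes: list[str], price: float = 100.0) -> bool:
    """True if apply_fn refuses the given code sequence with a policy violation."""
    try:
        apply_fn(price, codes)
    except CouponPolicyViolation:
        return True
    return False


def abuse_case_holds(apply_fn, price: float = 100.0) -> bool:
    """Acceptance test derived from COUPON_STACKING.

    Replays the attacker's action sequence against apply_fn and checks that the
    attack goal is not reached: either the request is refused, or the resulting
    price is never below what MAX_DISCOUNT_PCT allows.
    """
    if policy_rejects(apply_fn, ABUSE_SEQUENCE, price):
        return True
    final = apply_fn(price, ABUSE_SEQUENCE)
    return final >= price * (100 - MAX_DISCOUNT_PCT) / 100


if __name__ == "__main__":
    print("naive handler survives abuse case:", abuse_case_holds(apply_coupons_naive))
    print("hardened handler survives abuse case:", abuse_case_holds(apply_coupons_hardened))
```

The point of `abuse_case_holds` is that the same check is reused as a regression test: it fails against the naive handler, passes against the hardened one, and stays in the test plan so a later refactor cannot quietly reintroduce the stacking behaviour.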
● Frequently asked questions
What is Abuse Case?
A requirements artifact that describes how a malicious actor would deliberately try to misuse a system to harm users, data or the business. It belongs to the Application Security category of cybersecurity.
What does Abuse Case mean?
A requirements artifact that describes how a malicious actor would deliberately try to misuse a system to harm users, data or the business.
How do you defend against Abuse Case?
An abuse case is not an attack to defend against but a defensive artifact: each one should yield concrete security requirements, technical controls and test cases, as the definition above describes. The resulting defences typically combine technical controls with operational practices.