Scenario Library Index
Purpose
This library provides a minimal and realistic set of threat scenarios aligned with the current state of the Scheol Security Lab.
The objective is to:
- reflect actual exposure
- support risk consistency
- maintain credible and reviewable documentation
Only scenarios grounded in existing or transitional architecture are included.
Scenario Index
1. External Exposure
| Scenario ID | Title | Status | Link |
|---|---|---|---|
| S-001 | Reverse Proxy Misconfiguration Leading to Service Compromise | Active | View |
2. Application & Data
| Scenario ID | Title | Status | Link |
|---|---|---|---|
| S-002 | Web Application Exploitation Leading to Database Access | Active | View |
3. Administrative Access
| Scenario ID | Title | Status | Link |
|---|---|---|---|
| S-003 | Credential Compromise Leading to Administrative Access | Active | View |
Scenario Relationships
Each scenario is explicitly linked to:
- one or more Assets
- one or more Risk Entries
- future Controls and Validation activities
Scope Limitation
This library intentionally excludes:
- purely theoretical scenarios
- scenarios targeting non-deployed components
- redundant variations of the same attack path
Additional scenarios will be introduced progressively as the lab evolves.
Current Coverage
The current scenario set covers:
- public exposure risks
- application and data compromise
- administrative access risks
This is considered sufficient for the current maturity level of the lab.
Evolution Strategy
New scenarios should only be added when:
- a new asset introduces a meaningful exposure
- an architectural change modifies trust boundaries
- an existing scenario becomes insufficient to model a real risk
The objective is to maintain clarity, realism and traceability, not exhaustiveness.