This page is a placeholder for alpha WASC Threat Classification Data views. The content on this page is experimental and is subject to change. Do not incorporate content on this page into an existing project, or methodology. This is merely a scratchpad for view concepts.
Views to explore
- Component/User/Asset Owner Attacked (Customer, Partner, Service Provider, Merchant, etc)
- Component Compromised/Affected (user's machine, web server, database, etc)
- Top x Attacks? (Perhaps based on WHID data)
- Top x Weaknesses? (Perhaps based on WHID data)
- Vulnerability/Mitigation Layer, or where the vulnerability would be fixed (code, web server, app server, load balancer, proxy)
- Impact (requires building a framework for impacts before we could implement this)
- Mitigation (requires building a framework for mitigation's before we could implement this)
- Language/Development Framework views
- Level of Mitigation/involvement: describe which process would best fix the issue. Think 'Security Framework' vs 'Every Developer' as parents.
- Other
Comments (0)
You don't have permission to comment on this page.