• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Buried in cloud files? We can help with Spring cleaning!

    Whether you use Dropbox, Drive, G-Suite, OneDrive, Gmail, Slack, Notion, or all of the above, Dokkio will organize your files for you. Try Dokkio (from the makers of PBworks) for free today.

  • Dokkio (from the makers of PBworks) was #2 on Product Hunt! Check out what people are saying by clicking here.

View
 

Threat-Classification-Glossary

Page history last edited by Robert Auger 12 years, 7 months ago

Threat: "A potential violation of security" - ISO 7498-2

 

Impact: Consequences for an organization or environment when an attack is realized, or weakness is present.

 

Attack: A well-defined set of actions that, if successful, would result in either damage to an asset, or undesirable operation.

 

Vulnerability: "An occurrence of a weakness (or multiple weaknesses) within software, in which the weakness can be used by a party to cause the software to modify or access unintended data, interrupt proper execution, or perform incorrect actions that were not specifically granted to the party who uses the weakness." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Vulnerability)

 

Weakness: "A type of mistake in software that, in proper conditions, could contribute to the introduction of vulnerabilities within that software. This term applies to mistakes regardless of whether they occur in implementation, design, or other phases of the SDLC." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Weakness)

Comments (0)

You don't have permission to comment on this page.