• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Stop wasting time looking for files and revisions. Connect your Gmail, DriveDropbox, and Slack accounts and in less than 2 minutes, Dokkio will automatically organize all your file attachments. Learn more and claim your free account.

View
 

Threat-Classification-Glossary

Page history last edited by Robert Auger 11 years, 1 month ago

Threat: "A potential violation of security" - ISO 7498-2

 

Impact: Consequences for an organization or environment when an attack is realized, or weakness is present.

 

Attack: A well-defined set of actions that, if successful, would result in either damage to an asset, or undesirable operation.

 

Vulnerability: "An occurrence of a weakness (or multiple weaknesses) within software, in which the weakness can be used by a party to cause the software to modify or access unintended data, interrupt proper execution, or perform incorrect actions that were not specifically granted to the party who uses the weakness." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Vulnerability)

 

Weakness: "A type of mistake in software that, in proper conditions, could contribute to the introduction of vulnerabilities within that software. This term applies to mistakes regardless of whether they occur in implementation, design, or other phases of the SDLC." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Weakness)

Comments (0)

You don't have permission to comment on this page.