• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Finally, you can manage your Google Docs, uploads, and email attachments (plus Dropbox and Slack files) in one convenient place. Claim a free account, and in less than 2 minutes, Dokkio (from the makers of PBworks) can automatically organize your content for you.

View
 

Threat-Classification-Glossary

Page history last edited by Robert Auger 11 years, 3 months ago

Threat: "A potential violation of security" - ISO 7498-2

 

Impact: Consequences for an organization or environment when an attack is realized, or weakness is present.

 

Attack: A well-defined set of actions that, if successful, would result in either damage to an asset, or undesirable operation.

 

Vulnerability: "An occurrence of a weakness (or multiple weaknesses) within software, in which the weakness can be used by a party to cause the software to modify or access unintended data, interrupt proper execution, or perform incorrect actions that were not specifically granted to the party who uses the weakness." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Vulnerability)

 

Weakness: "A type of mistake in software that, in proper conditions, could contribute to the introduction of vulnerabilities within that software. This term applies to mistakes regardless of whether they occur in implementation, design, or other phases of the SDLC." - CWE (http://cwe.mitre.org/documents/glossary/index.html#Weakness)

Comments (0)

You don't have permission to comment on this page.