Control template

Last revision (mm/dd/yy): //

Every Control should follow this template.

Description
A control (countermeasure or security control) is a protection mechanism that prevents, deters, or detects attacks, or prevents or reduces vulnerabilities.


 * 1) Start with a one-sentence description of the control
 * 2) How does the countermeasure work?
 * 3) What are some examples of implementations of the control (steer clear of specific products)

Risk Factors

 * Talk about the factors that this control affects
 * What effect does this countermeasure have on the attack or vulnerability?
 * Does this control reduce the technical or business impact?

Difficulty to Implement

 * Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
 * Steer clear of language/platform specific information here

Short example name

 * A short example description, small picture, or sample code with links

Short example name

 * A short example description, small picture, or sample code with links

Related Attacks

 * Attack 1
 * Attack 2

Related Vulnerabilities

 * Vulnerability 1
 * Vulnerabiltiy 2

Note: the contents of "Related Problems" sections should be placed here

Related Controls

 * Countermeasure 1
 * Countermeasure 2

Note: contents of "Avoidance and Mitigation" and "Countermeasure" related Sections should be placed here