Attack template

Revision as of 21:57, 12 February 2008 by Jeff Williams (Talk | contribs)

Jump to: navigation, search

Every Attack should follow this template.


An attack is an action taken by a threat agent to exploit a vulnerability. Be sure you don't put [threat agents] or [vulnerabilities] in this category.

  1. Start with a one-sentence description of the attack
  2. How is the attack is launched?
  3. Who are the likely threat agents?
  4. What vulnerability does this attack target?

Risk Factors

  • Talk about the factors that make this attack likely or unlikely to actually happen
  • You can mention the likely technical impact of an attack
  • The [business impact] of an attack is probably conjecture, leave it out unless you're sure


Short example name
One paragraph example description with links
Short example name
One paragraph example description with links

Related Attacks

Related Vulnerabilities

Note: the contents of "Related Problems" sections should be placed here

Related Threat Agents

Related Countermeasures

Note: contents of "Avoidance and Mitigation" Sections should be placed here


When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]