Category:Threat Agent

From OWASP
Revision as of 21:21, 15 October 2006 by OWASP (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This category is for tagging articles related to common application security threats.

What is a threat agent?

We use the term 'threat agent' to describe the actor involved with an attack. Note that Microsoft literature uses the word 'threat' to refer to the likelihood of something bad happening - generally referred to as a 'risk' in the security literature.

Threat agents fall into several broad categories:

  • Natural (flood, fire, lightning, meteor)
  • Human Unintentional (accidents, carelessness)
  • Human Intentional (insider, outsider)

Threat modeling is an activity to identify threats and estimate their likelihood. The specific vulnerability, related countermeasures, and impact are not required to discuss a threat, because the threat exists even if the target is well protected against it. For example, there is a threat that an attacker could launch a denial of service attack against your application even if you have sufficient defenses in place.

How to add a new Threat Agent article

You can follow the instructions to make a new Threat Agent article. Please use the appropriate structure and follow the Tutorial. Be sure to paste the following at the end of your article to make it show up in the Threat Agent category:

[[Category:Threat Agent]]

Your article should be specific about the threat agent and potential attacks involved. You should provide details about how to determine whether the threat applies to an application and how to estimate its likelihood.

Subcategories

This category has the following 4 subcategories, out of 4 total.

E

I

Pages in category "Threat Agent"

The following 9 pages are in this category, out of 9 total.