Category talk:Threat

From OWASP
Revision as of 14:45, 11 October 2006 by Roodee (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

I would argue (no surpise there) that threat has little to do with "the potential (or likelihood)" of something bad happening. Instead, a threat should be understood as the "bad happening" itself. In other words, it is the description of that atomic event. Potential and likelihood artifically introduce the concept that a threat is to be understood within the context of probability. I don't think that the definition of threat can, nor should it bear this additional criteria. The concepts of potential and likelihood are more appropriate in describing risk.