Category talk:Threat Agent

From OWASP
Revision as of 16:13, 9 November 2006 by Roodee (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

I can appreciate the attempt made to clarify threats with respect to risk, but a redirection on the wiki from threat to threat agent does not, in my opinion, clarify the most basic concept of threat. The definition of 'threat agent' is distinct from the definition of 'threat'. Agent implies a causative entity and, in the case of the wiki entry, I think has been roughly sketched. What has not been done yet is to define the types of events (the threat) the causative entity (threat agent) brings about. Perhaps a rough workflow of a standard security event (a system compromise) will serve to identify the necessary components that need definition. This may also provide the context needed to keep the definitions from shifting.

Here is my previous comment on threat: Category_talk:Threat