Difference between revisions of "Technical Impact template"

From OWASP
Jump to: navigation, search
 
Line 1: Line 1:
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 
 
 
Every '''[[Technical Impact]]''' should follow this template.
 
Every '''[[Technical Impact]]''' should follow this template.
 +
 +
{{Template:Technical Impact}}
 +
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
 
==Description==
 
==Description==
Line 49: Line 50:
 
* http://www.link1.com
 
* http://www.link1.com
 
* [http://www.link2.com Title for the link2]
 
* [http://www.link2.com Title for the link2]
 
 
When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category
 
<nowiki>[[Category:OWASP Honeycomb Project]]</nowiki>
 
<nowiki>[[Category:OWASP ASDR Project]]</nowiki>
 
  
 
__NOTOC__
 
__NOTOC__

Latest revision as of 10:03, 2 May 2008

Every Technical Impact should follow this template.

This is a Technical Impact. To view all business impact, please see the Technical Impact page.


Last revision (mm/dd/yy): 05/2/2008

Description

A technical impact is the system damage that results from a successful security breach. This is just the effect on the technology, not the business.

  1. Start with a one-sentence description of the technical impact
  2. Describe the technical damage done to the system
  3. Note the security interest that is damaged - confidentiality, integrity, availability, accountability
  4. Is the damage immediate or spread over a time period?


Risk Factors

  • Talk about the factors that govern this technical impact
  • Try to be clear about the factors that make this impact serious


Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links


Related Vulnerabilities


Related Controls


Related Business Impacts


References