Technical Impact template

From OWASP
Revision as of 08:26, 2 May 2008 by Leocavallari (Talk | contribs)

Jump to: navigation, search

Last revision (mm/dd/yy): 05/2/2008

Every Technical Impact should follow this template.

Description

A technical impact is the system damage that results from a successful security breach. This is just the effect on the technology, not the business.

  1. Start with a one-sentence description of the technical impact
  2. Describe the technical damage done to the system
  3. Note the security interest that is damaged - confidentiality, integrity, availability, accountability
  4. Is the damage immediate or spread over a time period?


Risk Factors

  • Talk about the factors that govern this technical impact
  • Try to be clear about the factors that make this impact serious


Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links


Related Vulnerabilities


Related Controls


Related Business Impacts


References


When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]