Difference between revisions of "Threat agent template"

From OWASP
Jump to: navigation, search
Line 36: Line 36:
  
 
Note: the contents of "Related Problems" sections should be placed here
 
Note: the contents of "Related Problems" sections should be placed here
 
 
==Related [[Countermeasures]]==
 
 
* [[Countermeasure 1]]
 
* [[Countermeasure 2]]
 
 
Note: contents of "Avoidance and Mitigation" Sections should be placed here
 
 
 
==Related [[Technical Impacts]]==
 
 
* [[Technical Impact 1]]
 
* [[Technical Impact 2]]
 
  
  

Revision as of 23:29, 12 February 2008

Every Threat Agent should follow this template.

Description

A threat agent is a group of "attackers" that carry out an attack. They can be human (intentional or unintentional) or natural (flood, fire, etc...).

  1. Start with a one-sentence description of the threat agent
  2. Who are the people that make up this threat agent?
  3. Discuss characteristics of the threat agent.


Risk Factors

  • Talk about the factors that make this threat agent likely or unlikely to attack
  • Be sure to discuss the size, motivation, capabilities, and opportunity of this threat agent


Examples

Short example name
One paragraph example description with links
Short example name
One paragraph example description with links


Related Attacks


Related Vulnerabilities

Note: the contents of "Related Problems" sections should be placed here


References


When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]