Difference between revisions of "Threat agent template"

From OWASP
Jump to: navigation, search
Line 13: Line 13:
 
* Talk about the [[OWASP Risk Rating Methodology|factors]] that make this threat agent likely or unlikely to attack
 
* Talk about the [[OWASP Risk Rating Methodology|factors]] that make this threat agent likely or unlikely to attack
 
* Be sure to discuss the size, motivation, capabilities, and opportunity of this threat agent
 
* Be sure to discuss the size, motivation, capabilities, and opportunity of this threat agent
 
  
 
==Examples==
 
==Examples==
  
; Short example name
+
===Short example name===
: One paragraph example description with [http://www.site.com links]
+
: A short example description, small picture, or sample code with [http://www.site.com links]
 
+
; Short example name
+
: One paragraph example description with [http://www.site.com links]
+
  
 +
===Short example name===
 +
: A short example description, small picture, or sample code with [http://www.site.com links]
  
 
==Related [[Attacks]]==
 
==Related [[Attacks]]==
Line 28: Line 26:
 
* [[Attack 1]]
 
* [[Attack 1]]
 
* [[Attack 2]]
 
* [[Attack 2]]
 
  
 
==Related [[Vulnerabilities]]==
 
==Related [[Vulnerabilities]]==
Line 36: Line 33:
  
 
Note: the contents of "Related Problems" sections should be placed here
 
Note: the contents of "Related Problems" sections should be placed here
 
  
 
==References==
 
==References==
Line 44: Line 40:
  
  
When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category
+
When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category
 
<nowiki>[[Category:OWASP Honeycomb Project]]</nowiki>
 
<nowiki>[[Category:OWASP Honeycomb Project]]</nowiki>
 
<nowiki>[[Category:OWASP ASDR Project]]</nowiki>
 
<nowiki>[[Category:OWASP ASDR Project]]</nowiki>
  
 
__NOTOC__
 
__NOTOC__

Revision as of 19:04, 18 February 2008

Every Threat Agent should follow this template.

Description

A threat agent is a group of "attackers" that carry out an attack. They can be human (intentional or unintentional) or natural (flood, fire, etc...).

  1. Start with a one-sentence description of the threat agent
  2. Who are the people that make up this threat agent?
  3. Discuss characteristics of the threat agent.


Risk Factors

  • Talk about the factors that make this threat agent likely or unlikely to attack
  • Be sure to discuss the size, motivation, capabilities, and opportunity of this threat agent

Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links

Related Attacks

Related Vulnerabilities

Note: the contents of "Related Problems" sections should be placed here

References


When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]