This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Technical Impact template"
From OWASP
Leocavallari (talk | contribs) |
Leocavallari (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}''' | ||
| + | |||
Every '''[[Technical Impact]]''' should follow this template. | Every '''[[Technical Impact]]''' should follow this template. | ||
| Line 46: | Line 48: | ||
* http://www.link1.com | * http://www.link1.com | ||
| − | * [http://www.link2.com Title for the | + | * [http://www.link2.com Title for the link2] |
Revision as of 13:26, 2 May 2008
Last revision (mm/dd/yy): 05/2/2008
Every Technical Impact should follow this template.
Description
A technical impact is the system damage that results from a successful security breach. This is just the effect on the technology, not the business.
- Start with a one-sentence description of the technical impact
- Describe the technical damage done to the system
- Note the security interest that is damaged - confidentiality, integrity, availability, accountability
- Is the damage immediate or spread over a time period?
Risk Factors
- Talk about the factors that govern this technical impact
- Try to be clear about the factors that make this impact serious
Examples
Short example name
- A short example description, small picture, or sample code with links
Short example name
- A short example description, small picture, or sample code with links
Related Vulnerabilities
Related Controls
Related Business Impacts
References
When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category
[[Category:OWASP Honeycomb Project]]
[[Category:OWASP ASDR Project]]
