This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Carelessness"
From OWASP
Infosegura (talk | contribs) |
|||
| (8 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| + | <br> | ||
| + | [[Category:OWASP ASDR Project]] | ||
| + | |||
| + | |||
== Description == | == Description == | ||
| − | Carelessness or Negligence is lack of concern about the consequences of an action. The negligence | + | Carelessness or Negligence is lack of concern about the consequences of an action. The negligence may be foreseeable or a unintentional, but in both cases a person can be held responsible for any consequences of such negligence. Only humans can be negligent and this can cause damage to an organization's business systems, facilities, or personnel. |
== Risk Factors == | == Risk Factors == | ||
| − | + | * A dissatisfied employee can stop making updates in a server, leaving it vulnerable to attacks. | |
== Examples == | == Examples == | ||
| − | + | === Conscious === | |
| + | : Don't apply a patch to a known critical issue. | ||
| + | === Unintentionally === | ||
| + | : Send a confidential e-mail to a wrong person. | ||
==Related [[Attacks]]== | ==Related [[Attacks]]== | ||
| Line 15: | Line 22: | ||
== References == | == References == | ||
| − | + | * [http://en.wikipedia.org/wiki/Carelessness Wikipedia] | |
| + | |||
| + | [[Category: Threat Agent]] | ||
Latest revision as of 23:51, 7 April 2009
Description
Carelessness or Negligence is lack of concern about the consequences of an action. The negligence may be foreseeable or a unintentional, but in both cases a person can be held responsible for any consequences of such negligence. Only humans can be negligent and this can cause damage to an organization's business systems, facilities, or personnel.
Risk Factors
- A dissatisfied employee can stop making updates in a server, leaving it vulnerable to attacks.
Examples
Conscious
- Don't apply a patch to a known critical issue.
Unintentionally
- Send a confidential e-mail to a wrong person.
Related Attacks
TBD
Related Vulnerabilities
TBD
