This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Countermeasure template"

From OWASP
Jump to: navigation, search
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Description==
 
 
This is the structure of a Countermeasure Article.
 
 
Sections "Overview", "Abstract", "Discussion", "Required Resources" and "Plataform", if existent, should be properly describe here, without subsections.
 
 
In case of a "Exposure Period" section exists, it should be placed here as a subsection.
 
Ex:<nowiki>===Exposure Period===</nowiki>
 
 
 
==Examples==
 
 
===Example 1===
 
 
 
===Example n===
 
 
 
==Difficult to Implement==
 
 
 
Every '''[[Countermeasure]]''' should follow this template.
 
Every '''[[Countermeasure]]''' should follow this template.
  
Line 41: Line 21:
 
* Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
 
* Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
 
* Steer clear of language/platform specific information here
 
* Steer clear of language/platform specific information here
 +
  
 
==Examples==
 
==Examples==
Line 49: Line 30:
 
; Short example name
 
; Short example name
 
: One paragraph example description with [http://www.site.com links]
 
: One paragraph example description with [http://www.site.com links]
 
 
==Related [[Threat Agents]]==
 
 
* [[Threat Agent 1]]
 
* [[Threat Agent 2]]
 
  
  

Latest revision as of 05:04, 13 February 2008

Every Countermeasure should follow this template.

Description

An countermeasure (or security control) is a protection mechanism that prevents, deters, or detects attacks, or prevents or reduces vulnerabilities.

  1. Start with a one-sentence description of the countermeasure
  2. How does the countermeasure work?
  3. What are some examples of implementations of the countermeasure (steer clear of specific products)


Risk Factors

  • Talk about the factors that this countermeasure affects
  • What effect does this countermeasure have on the attack or vulnerability?
  • Does this countermeasure reduce the technical or business impact?


Difficulty to Implement

  • Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
  • Steer clear of language/platform specific information here


Examples

Short example name
One paragraph example description with links
Short example name
One paragraph example description with links


Related Attacks


Related Vulnerabilities

Note: the contents of "Related Problems" sections should be placed here


Related Countermeasures

Note: contents of "Avoidance and Mitigation" Sections should be placed here


References


When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]


Retrieved from "https://wiki.owasp.org/index.php?title=Countermeasure_template&oldid=25310"