This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Control template

From OWASP
Revision as of 00:11, 19 February 2008 by Leocavallari (talk | contribs) (New page: Every '''Control''' should follow this template. ==Description== A control (countermeasure or security control) is a protection mechanism that prevents, deters, or detects attacks, o...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Every Control should follow this template.

Description

A control (countermeasure or security control) is a protection mechanism that prevents, deters, or detects attacks, or prevents or reduces vulnerabilities.

  1. Start with a one-sentence description of the control
  2. How does the countermeasure work?
  3. What are some examples of implementations of the control (steer clear of specific products)


Risk Factors

  • Talk about the factors that this control affects
  • What effect does this countermeasure have on the attack or vulnerability?
  • Does this control reduce the technical or business impact?


Difficulty to Implement

  • Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
  • Steer clear of language/platform specific information here


Examples

Short example name
One paragraph example description with links
Short example name
One paragraph example description with links


Related Attacks


Related Vulnerabilities

Note: the contents of "Related Problems" sections should be placed here


Related Controls

Note: contents of "Avoidance and Mitigation" Sections should be placed here


References


When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]


Retrieved from "https://wiki.owasp.org/index.php?title=Control_template&oldid=25515"