This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category talk:Threat Agent

From OWASP
Revision as of 21:13, 9 November 2006 by Roodee (talk | contribs) (Distinctions between threat agent and threat)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

I can appreciate the attempt made to clarify threats with respect to risk, but a redirection on the wiki from threat to threat agent does not, in my opinion, clarify the most basic concept of threat. The definition of 'threat agent' is distinct from the definition of 'threat'. Agent implies a causative entity and, in the case of the wiki entry, I think has been roughly sketched. What has not been done yet is to define the types of events (the threat) the causative entity (threat agent) brings about. Perhaps a rough workflow of a standard security event (a system compromise) will serve to identify the necessary components that need definition. This may also provide the context needed to keep the definitions from shifting.

Here is my previous comment on threat: Category_talk:Threat