This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category talk:Threat"
From OWASP
(Reverting to last version not containing links to s1.shard.jp) |
(Reverting to last version not containing links to s1.shard.jp) |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | |||
I would argue (no surpise there) that threat has little to do with "the potential (or likelihood)" of something bad happening. Instead, a threat should be understood as the "bad happening" itself. In other words, it is the description of that atomic event. Potential and likelihood artifically introduce the concept that a threat is to be understood within the context of probability. I don't think that the definition of threat can, nor should it bear this additional criteria. The concepts of potential and likelihood are more appropriate in describing risk. | I would argue (no surpise there) that threat has little to do with "the potential (or likelihood)" of something bad happening. Instead, a threat should be understood as the "bad happening" itself. In other words, it is the description of that atomic event. Potential and likelihood artifically introduce the concept that a threat is to be understood within the context of probability. I don't think that the definition of threat can, nor should it bear this additional criteria. The concepts of potential and likelihood are more appropriate in describing risk. | ||
Latest revision as of 12:50, 3 June 2009
I would argue (no surpise there) that threat has little to do with "the potential (or likelihood)" of something bad happening. Instead, a threat should be understood as the "bad happening" itself. In other words, it is the description of that atomic event. Potential and likelihood artifically introduce the concept that a threat is to be understood within the context of probability. I don't think that the definition of threat can, nor should it bear this additional criteria. The concepts of potential and likelihood are more appropriate in describing risk.
