Difference between revisions of "Control template"

Revision as of 13:46, 2 May 2008

Last revision (mm/dd/yy): 05/2/2008

Every Control should follow this template.

Description

A control (countermeasure or security control) is a protection mechanism that prevents, deters, or detects attacks, or prevents or reduces vulnerabilities.

1. Start with a one-sentence description of the control
2. How does the countermeasure work?
3. What are some examples of implementations of the control (steer clear of specific products)

Risk Factors

• Talk about the factors that this control affects
• What effect does this countermeasure have on the attack or vulnerability?
• Does this control reduce the technical or business impact?

Difficulty to Implement

• Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
• Steer clear of language/platform specific information here

Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links

Related Attacks

• Attack 1
• Attack 2

Related Vulnerabilities

• Vulnerability 1
• Vulnerabiltiy 2

Note: the contents of "Related Problems" sections should be placed here

Related Controls

• Control 1
• Control 2

Note: contents of "Avoidance and Mitigation" and "Countermeasure" related Sections should be placed here

References

• http://www.link1.com
• Title for the link2

When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]