Attack template

Every Attack should follow this template.

Last revision (mm/dd/yy): //

Description
An attack is an action taken by a threat agent to exploit a vulnerability. Be sure you don't put [threat agents] or [vulnerabilities] in this category.


 * 1) Start with a one-sentence description of the attack
 * 2) How is the attack is launched?
 * 3) Who are the likely threat agents?
 * 4) What vulnerability does this attack target?

Risk Factors

 * Talk about the factors that make this attack likely or unlikely to actually happen
 * You can mention the likely technical impact of an attack
 * The [business impact] of an attack is probably conjecture, leave it out unless you're sure

Short example name

 * A short example description, small picture, or sample code with links

Short example name

 * A short example description, small picture, or sample code with links

Related Threat Agents

 * Threat Agent 1
 * Threat Agent 2

Related Attacks

 * Attack 1
 * Attack 2

Related Vulnerabilities

 * Vulnerability 1
 * Vulnerabiltiy 2

Note: the contents of "Related Problems" sections should be placed here

Related Controls

 * Control 1
 * Control 2

Note: contents of "Avoidance and Mitigation" and "Countermeasure" Sections should be placed here