Threat Action

From Open Risk Manual
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Definition

Threat Action in the context of IT Security Risk is the specific set of activities used by a Threat Actor to create a Cyber Incident

Threat actions describe what the threat actor(s) did to cause or contribute to the incident. Every incident has at least one, but most will comprise multiple actions (and often across multiple categories).

VERIS Taxonomy of Threat Actions

The VERIS taxonomy[1] recognizes 7 distinct actions:

References

  1. https://verisframework.org/actions.html
Retrieved from "https://www.openriskmanual.org/wiki/index.php?title=Threat_Action&oldid=36832"
Creative Commons Attribution-NonCommercial-ShareAlike
Powered by MediaWiki