Difference between revisions of "Threat Action"
From Open Risk Manual
Wiki admin (talk | contribs) (→VERIS Taxonomy) |
Wiki admin (talk | contribs) |
||
Line 4: | Line 4: | ||
Threat actions describe what the threat actor(s) did to cause or contribute to the incident. Every incident has at least one, but most will comprise multiple actions (and often across multiple categories). | Threat actions describe what the threat actor(s) did to cause or contribute to the incident. Every incident has at least one, but most will comprise multiple actions (and often across multiple categories). | ||
− | == VERIS Taxonomy == | + | === VERIS Taxonomy of Threat Actions === |
− | VERIS<ref>http://veriscommunity.net/actions.html</ref> recognizes 7 distinct actions: | + | The VERIS taxonomy<ref>http://veriscommunity.net/actions.html</ref> recognizes 7 distinct actions: |
* [[Malware]] | * [[Malware]] | ||
* [[Hacking]] | * [[Hacking]] | ||
Line 18: | Line 18: | ||
[[Category:Cyber Risk]] | [[Category:Cyber Risk]] | ||
+ | [[Category:Threat Model]] |
Revision as of 10:32, 14 October 2021
Definition
Threat Action in the context of IT Security Risk is the specific set of activities used by a Threat Actor to create a Cyber Incident
Threat actions describe what the threat actor(s) did to cause or contribute to the incident. Every incident has at least one, but most will comprise multiple actions (and often across multiple categories).
VERIS Taxonomy of Threat Actions
The VERIS taxonomy[1] recognizes 7 distinct actions: