[Owasp-appsensor-project] Additional Detection Points - Change to Environment Threat Level

Colin Watson colin.watson at owasp.org
Wed Jun 9 10:32:02 EDT 2010

Suggestion to add a new detection point.  Has this already been ruled
out?  Should it be added?  Is the description/categorization suitable?

Just another idea, but based on discussions about creating an Internet
Threat Exposure (ITE) index by the UK Cybersecurity KTN in 2008.

The general threat level (e.g. general risk of attack from the
Internet, or specific targetted attacks against an organisation) is
elevated.  This could also be used to change response sensitivity due
to short-term effects such as application upgrades/patching.  This
input could be used to alter thresholds for AppSensor responses.

Suggested categorization
In the suggested new category "Reputation" (see RP1 Suspicious User IP Address)
RP5 Change to Environment Threat Level

More information about the Owasp-appsensor-project mailing list