[Owasp-leaders] [Owasp-community] OT10 Risks?

Eoin Keary eoin.keary at owasp.org
Sun Sep 21 21:04:55 UTC 2014


Risk != vuln

Risk is defined as:
"(Exposure to) the possibility of loss, injury, or other adverse or unwelcome circumstance; a chance or situation involving such a possibility."

The result of a weakness being leveraged and unwelcome outcomes.



Eoin Keary
Owasp Global Board
+353 87 977 2988


On 21 Sep 2014, at 16:53, Jim Manico <jim.manico at owasp.org> wrote:

>> T10 lists does not accurately
> reflect the most dangerous "risks" or that it would be better to name it
> differently?
> 
> The commentary that I received was that the term "risk" did not
> actually reflect the items on the lists. Folks have told me it should
> be "vulnerabilities" or "attacks" or "weaknesses" and more.
> 
> I'm not sure what the right answer is here...
> 
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
> 
>> On Sep 21, 2014, at 4:50 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>> 
>> T10 lists does not accurately
>> reflect the most dangerous "risks" or that it would be better to name it
>> differently?
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders


More information about the OWASP-Leaders mailing list