[Owasp-leaders] Owasp risk rating

Antonio Fontes - OWASP antonio.fontes at owasp.org
Mon Sep 25 08:15:03 UTC 2017


Hello Ade,

Great initiative, thanks for sharing. 

There is something a little bit strange in the first scale: the higher the skillset required, the higher the likelihood of threat. Wouldn't that be the opposite?

I'd expect a vulnerability, which can be exploited without requiring any technical skills, to result in a higher rank in terms of likelihood, as opposed to one requiring the highest penetration skills.

Best regards,
Antonio

On September 24, 2017 10:17:02 AM GMT+02:00, Ade Yoseman Putra <ade.putra at owasp.org> wrote:
>hi leaders
>
>we have create the simple OWASP risk rating based in html
>
>you can view source and copy paste in your computer
>
>if any ideas just send me a email
>
>http://165.227.109.55/riskrating.html
>
>[image: Inline image 1]
>
>
>
>Ade Yoseman
>OWASP Volunteer <https://www.owasp.org/index.php/Jakarta>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170925/af4081f5/attachment.html>


More information about the OWASP-Leaders mailing list