[Owasp-leaders] Owasp risk rating

Mohamed Alfateh mohamed.alfateh at owasp.org
Mon Sep 25 09:34:34 UTC 2017


+1 Antonio.

You may display the risk calculation equation in the page (although it is
included in the HTML). Also, it will be great to add some references for
the risk analysis criteria.

Regards
Fateh

On Mon, Sep 25, 2017 at 10:15 AM, Antonio Fontes - OWASP <
antonio.fontes at owasp.org> wrote:

> Hello Ade,
>
> Great initiative, thanks for sharing.
>
> There is something a little bit strange in the first scale: the higher the
> skillset required, the higher the likelihood of threat. Wouldn't that be
> the opposite?
>
> I'd expect a vulnerability, which can be exploited without requiring any
> technical skills, to result in a higher rank in terms of likelihood, as
> opposed to one requiring the highest penetration skills.
>
> Best regards,
> Antonio
>
>
> On September 24, 2017 10:17:02 AM GMT+02:00, Ade Yoseman Putra <
> ade.putra at owasp.org> wrote:
>>
>> hi leaders
>>
>> we have create the simple OWASP risk rating based in html
>>
>> you can view source and copy paste in your computer
>>
>> if any ideas just send me a email
>>
>> http://165.227.109.55/riskrating.html
>>
>> [image: Inline image 1]
>>
>>
>>
>> Ade Yoseman
>> OWASP Volunteer <https://www.owasp.org/index.php/Jakarta>
>>
>>
>>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170925/bfda1d6e/attachment.html>


More information about the OWASP-Leaders mailing list