[Owasp-testing] Risk Calculating Methodology - Likelihood and Impact Levels

marc dupont fail.marc.dupont at gmail.com
Fri Oct 5 12:29:08 UTC 2012


Hi,

1)   On the pdf of the Owasp Testing Guide v3,
http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf

p.329 i can see :

Likelihood and Impact Levels
0 to <3 HIGH
3 to <6 MEDIUM
6 to 9 LOW


On the website at URL:
https://www.owasp.org/index.php/How_to_value_the_real_risk
It's exactly the opposite (which is, i suppose the correct version):

*Likelihood and Impact Levels*  0 to <3 LOW  3 to <6 MEDIUM  6 to 9 HIGH

Could someone confirm/correct if so  please ?



2)   Anyway i'm interested also on the V4 up to date, can't find the link,
if someone can give it to me please ?


Thanks and Best Regards.
M.Dupont
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-testing/attachments/20121005/09d8e0ed/attachment.html>


More information about the Owasp-testing mailing list