[OWASP-Security101] Vulnerability vs Threat

Jim Manico jim.manico at owasp.org
Tue Apr 10 21:56:43 UTC 2012


Threat implies probability - so threat is the •probability or
likelihood• that a weakness will be successfully exploited.

--
Jim Manico
VP, Security Architecture
WhiteHat Security
(808) 652-3805

On Apr 10, 2012, at 4:15 PM, Brian Luteran
<Brian.Luteran at synchronoss.com> wrote:

> Think of a vulnerability like an open door and a threat to that open door is a thief going through it to steal something.
>
> ~Brian
> -----Original Message-----
> From: security101-bounces at lists.owasp.org [mailto:security101-bounces at lists.owasp.org] On Behalf Of Zaki Akhmad
> Sent: Tuesday, April 10, 2012 2:31 AM
> To: OWASP Security 101
> Subject: [OWASP-Security101] Vulnerability vs Threat
>
> Hi lists,
>
> Are there any idea, how to easily explain the difference between
> vulnerability and threat? Using example or analogy?
>
> Sometime I still found quite difficult to distinguish between these two terms.
>
> Regards,
>
> --
> Zaki Akhmad
> _______________________________________________
> Security101 mailing list
> Security101 at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/security101
> List Run By OWASP
> List Admin: Michael.Coates at owasp.org
> _______________________________________________
> Security101 mailing list
> Security101 at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/security101
> List Run By OWASP
> List Admin: Michael.Coates at owasp.org


More information about the Security101 mailing list