adulau/threats-risk-index
1
0
Fork 0
mirror of https://github.com/adulau/threats-risk-index.git synced 2024-11-21 17:47:07 +00:00
Code Issues Projects Releases Packages Wiki Activity

Typo fixed

Browse source
This commit is contained in:
Alexandre Dulaunoy 2016-05-11 08:42:12 +02:00
parent aaf10451f0
commit 685196aef7
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -10,7 +10,7 @@ generic cases, we wanted to create a risk evaluation which is based on current e
Threats Risk Index = (Threat probability) * (1+SUM(recommendations not implemented))
~~~~
hreats
Threats
=======
Threats file is a list of known and seen threats in a specific region by a CSIRT or any organization with the capability of analysis for security incidents. The threat is defined by a simple description and id. Probability values are assigned per region (country-code) and defined on the overall probability of an incident to occur among the overall set of incidents seen. The probability value is a float (from 0 to 1). As the probability depends on the organization doing the analysis, it could be really scoped to their view on threats. Multiple threats and their respective probability can be combined from various sources in a sum. If a threat is no more seen or actively exploited by an attacker, it should be removed from the list.