Describe the OWASP web application risk rating methodology and discuss how it's used to select security controls.
- [Instructor] Not to be overshadowed by infrastructure, … software has many crucial vulnerabilities also. … In fact, the open web application security project, … or OWASP, an online community focused on … web application security … has developed a risk rating methodology … that can be used to rate the severity of … web application vulnerabilities. … This basic framework leverages the standard risk model. … Risk equals likelihood times impact. … By identifying risk and looking at the skill level, … motive, opportunity, and size … of the threat agents and attack vectors … estimating the likelihood of harm … by evaluating known security weaknesses … and applicable security controls … and estimating the technical and business impact … of an exploited vulnerability. … This methodology is used to rank the severity … of risk to the application so that a prioritized list … of what to fix can be made. … Many organizations develop a customized risk rating model … by modifying this basic approach. …
AuthorKevin L. Jackson
- Cloud computing drivers
- Deployment and services models
- Attack vectors
- Cyberthreats to financial services
- Regional requirements for data privacy and protection
- Regional risk and compliance requirements
- Case studies in financial cloud security
Skill Level Beginner
IT Security: Key Policies and Resourceswith Gregory Michaelidis23m 44s Intermediate
1. Cloud Computing Overview
2. Financial Services Industry's Approach to Cybersecurity
3. Regional Data Protection and Privacy Requirements
4. Regional Risk and Compliance Requirements
5. Key Threats and Controls in Financial Cloud Security
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.