U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

threat source

Abbreviation(s) and Synonym(s):

threat agent

Definition(s):

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Agent.
Source(s):
FIPS 200 under THREAT SOURCE
NIST SP 1800-21B under Threat Sources
NIST SP 800-128 under Threat Source from FIPS 200
NIST SP 800-128 from FIPS 200
NIST SP 800-137 under Threat Source from FIPS 200
NIST SP 800-82 Rev. 2 under Threat Source from FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally exploit a vulnerability.
Source(s):
CNSSI 4009-2015 from FIPS 200
NIST SP 800-30 Rev. 1 under Threat Source from CNSSI 4009
NIST SP 800-39 under Threat Source from CNSSI 4009
NISTIR 7622 under Threat Source from CNSSI 4009

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Source(s):
NIST SP 800-160 Vol. 2 Rev. 1 from CNSSI 4009-2015

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. See threat agent.
Source(s):
NIST SP 800-37 Rev. 2
NIST SP 800-53 Rev. 5 from FIPS 200
NIST SP 800-53A Rev. 5 from FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Source(s):
NIST SP 800-161r1 from NIST SP 800-53 Rev. 5

  A malicious person with harmful intent or an unintended or unavoidable situation (such as a natural disaster, technical failure, or human error) that may trigger a vulnerability.
Source(s):
NISTIR 8286 under Threat Source