Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

threat source

Abbreviation(s) and Synonym(s):

threat agent

Definition(s):

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Agent.
Source(s):
FIPS 200 under THREAT SOURCE
NIST SP 800-128 under Threat Source FIPS 200
NIST SP 800-137 under Threat Source FIPS 200
NIST SP 800-37 Rev. 1 under Threat Source FIPS 200
NIST SP 800-53 Rev. 4 under Threat Source FIPS 200
NIST SP 800-53A Rev. 4 under Threat Source FIPS 200
NIST SP 800-82 Rev. 2 under Threat Source FIPS 200, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37
NIST SP 800-128 FIPS 200

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally exploit a vulnerability.
Source(s):
CNSSI 4009-2015 FIPS 200
NIST SP 800-30 Rev. 1 under Threat Source CNSSI 4009
NIST SP 800-39 under Threat Source CNSSI 4009
NISTIR 7622 under Threat Source CNSSI 4009

  Either (1) intent or method targeted at the intentional exploitation of a vulnerability, or (2) a situation and method that may accidentally trigger a vulnerability.
Source(s):
NIST SP 800-161 under Threat Source NIST SP 800-30 Rev. 1

  Either (1) intent and method targeted at the intentional exploitation of a vulnerability or (2) the situation and method that may accidentally trigger a vulnerability.
Source(s):
NIST SP 800-33
NIST SP 800-27 Rev. A [Withdrawn]

  The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. See threat agent.
Source(s):
NIST SP 800-37 Rev. 2

  Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Source(s):
NIST SP 800-160 Vol.2 [Superseded]