Security/RiskRatings: Difference between revisions

Security/RiskRatings (view source)

Revision as of 15:35, 17 August 2012

131 bytes added , 17 August 2012

→‎What Scores Mean

Curtisk

canmove, Confirmed users, Bureaucrats and Sysops emeriti

2,776

edits

@@ Line 54: / Line 54: @@
 == What Scores Mean ==
-{| border="1" class="fullwidth-table"
+{| border="1"
 |
-| align="center" style="background:#f0f0f0;"|'''Critical (100+)'''
+| align="center" style="background:#f0f0f0; style="width: 10%;"|'''Critical (100+)'''
-| align="center" style="background:#f0f0f0;"|'''High (99-76)'''
+| align="center" style="background:#f0f0f0; style="width: 10%;"|'''High (99-76)'''
-| align="center" style="background:#f0f0f0;"|'''Medium (75-26)'''
+| align="center" style="background:#f0f0f0; style="width: 10%;"|'''Medium (75-26)'''
-| align="center" style="background:#f0f0f0;"|'''Low (25-0)'''
+| align="center" style="background:#f0f0f0; style="width: 10%;"|'''Low (25-0)'''
 |-
 |Effort Estimation || 1 Month || 2 Weeks || 2 Days || <1 Day
@@ Line 66: / Line 66: @@
 |-
 |Required Documents from development team
- Architecture Diagram,
+{| border="1"
- Application Diagram,
+|Architecture Diagram
- Data Flow Enumeration,
+|-
- Threat Model
+|Application Diagram,
+|-
+|Data Flow Enumeration,
+|-
+|Threat Model
+|}
 |
- Required at input
+{| border="1"
- Required at input
+|Required at input
- Required at input
+|-
- Created during review with Security Lead
+|Required at input
+|-
+|Required at input
+|-
+|Created During review with Security Lead
+|}
 |
- Created during review
+{| border="1"
- Created during review
+|Created during review
- Created during review
+|-
- Created during review
+|Created during review
+|-
+|Created during review
+|-
+|Created during review
+|}
 |
-  None required, but may speed review
+  None required,
+ but may speed review
 |
-  None required, but may speed review
+  None required,
+ but may speed review
 |-
-| How Documented || SecReview Wiki || SecReview Wiki || SecReview Wikie -or- in Secreview bug (with indidication of no-wiki) || In SecReview Bug
+| How Documented || SecReview Wiki || SecReview Wiki || SecReview Wiki -or- in Secreview bug (with indidication of no-wiki) || In SecReview Bug
 |-
 |}