Skip to content

Commit

Permalink
Create threats.yaml for SecMgmt (#510)
Browse files Browse the repository at this point in the history 
Co-authored-by: Eddie Knight <[email protected]>
Co-authored-by: Michael Lysaght <[email protected]>
  • Loading branch information
@kazmik23 @eddie-knight @mlysaght2017
3 people authored Jan 20, 2025
1 parent fa207db commit 34bb1c8
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions services/crypto/SecMgmt/threats.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
common_threats:
- CCC.TH01 # Access control is misconfigured
- CCC.TH03 # Deployment region network is untrusted
- CCC.TH04 # Data is replicated to untrusted or external locations
- CCC.TH05 # Data is corrupted during replication
- CCC.TH06 # Data is lost or corrupted
- CCC.TH07 # Logs are Tampered With or Deleted
- CCC.TH09 # Logs or Monitoring Data are Read by Unauthorized Users
- CCC.TH11 # Event Notifications are Incorrectly Triggered
- CCC.TH13 # Resource Tags Are Manipulated
- CCC.TH14 # Older Resource Versions Are Exploited
- CCC.TH15 # Automated Enumeration and Reconnaissance by Non-Human Entities
- CCC.TH16 # Non-compliance with encryption key management policies

0 comments on commit 34bb1c8

Please sign in to comment.