You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current threat schema effectively captures general information about common threats, but lacks the ability to specify how those threats apply to individual cloud services (e.g., GCP, Azure). As we engage in detailed threat modelling of cloud services, it will becomes increasingly important to document nuances and service-specific considerations related to a threat. The absence of this attribute means these details are either not captured or inconsistently tracked outside the schema, potentially leading to gaps in understanding and mitigation.
Potential Solutions:
Propose adding a new optional attribute to the threat schema called "service_specific_threat_details". This field will allow for service-specific details to be captured when threats are applied to a particular cloud service. It will not be mandatory, maintaining the flexibility of the schema for general use, but will provide a mechanism to store additional detail when needed.
The text was updated successfully, but these errors were encountered:
Feature Request
Description of Problem:
The current threat schema effectively captures general information about common threats, but lacks the ability to specify how those threats apply to individual cloud services (e.g., GCP, Azure). As we engage in detailed threat modelling of cloud services, it will becomes increasingly important to document nuances and service-specific considerations related to a threat. The absence of this attribute means these details are either not captured or inconsistently tracked outside the schema, potentially leading to gaps in understanding and mitigation.
Potential Solutions:
Propose adding a new optional attribute to the threat schema called "service_specific_threat_details". This field will allow for service-specific details to be captured when threats are applied to a particular cloud service. It will not be mandatory, maintaining the flexibility of the schema for general use, but will provide a mechanism to store additional detail when needed.
The text was updated successfully, but these errors were encountered: