search

usnistgov / mobile-threat-catalogue

NIST/NCCoE Mobile Threat Catalogue
https://pages.nist.gov/mobile-threat-catalogue
Other
142 stars 40 forks source link

Sept 13th Workshop: General comment #19

Closed sdog-mitre closed 8 years ago

sdog-mitre commented 8 years ago

General Comment

Threat ID: None

Type of Comment:

Proposed Change: Threats need to be further categorized or qualified to help readers distinguish those that are of concern to them. Considerations could be the scope of the threat if realized (e.g. geographic region, individual user), the nature of the loss incurred by the target (confidentiality, integrity, availability), or the prevalence of the threat.

Justification: The catalogue is more usable if readers have additional ways to filter threats.

JoshuaMFranklin commented 8 years ago

Excellent comment. This is a large, complex change, that would need to be subjected to another round of public comment. Due to these factors, we believe this comment is out of scope for the current revision. We welcome contributions from the mobile security community and hope to include these changes into a future iteration of the catalogue.