Focused On Your Success


The All.Net Security Database


Documentation Cross Reference
Documentation Cross Reference


Issues effecting the way you do documentation and issues where documentation is key to their success or operation.

Documentation is used to support policy, standards, procedures, and all other aspects of protection. [Drill-Down]

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Defense30 - audit analysis]
    [Defense35 - awareness of implications]
    [Defense5 - background checks]
    [Defense57 - change management]
    [Defense49 - classifying information as to sensitivity]
    [Defense120 - clear line of responsibility for protection]
    [Defense123 - compliance with laws and regulations]
    [Defense94 - concealed services]
    [Defense58 - configuration management]
    [Defense99 - deceptions]
    [Defense118 - document and information control procedures]
    [Defense39 - good hiring practices]
    [Defense119 - individual accountability for all assets and actions]
    [Defense90 - infrastructure-wide digging hotlines]
    [Defense130 - internal control principle (GASSP)]
    [Defense79 - inventory control]
    [Defense124 - legal agreements]
    [Defense107 - minimizing copies of sensitive information]
    [Defense43 - multi-version programming]
    [Defense126 - multidisciplinary principle (GASSP)]
    [Defense108 - numbering and tracking all sensitive information]
    [Defense98 - perception management]
    [Defense15 - physical security]
    [Defense25 - policies]
    [Defense28 - procedures]
    [Defense121 - program change logs]
    [Defense122 - protection of names of resources]
    [Defense23 - reintegration]
    [Defense100 - retaining confidentiality of security status information]
    [Defense140 - searches and inspections]
    [Defense51 - secure design]
    [Defense80 - secure distribution]
    [Defense48 - security marking and/or labeling]
    [Defense27 - standards]
    [Defense1 - strong change control]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense52 - testing]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]
    [Defense24 - training and awareness]
    [Defense97 - trusted system technologies]
    [Defense113 - universal use of badges]
    [Defense2 - waste data destruction]