BA06 Loss Of Security Control
Context | Compliance manager works with cloud application |
Problem | Loss of visibility and control of security and privacy of cloud application (partially controlled) |
Solution | Define the use of security controls (SLA) |
References | ODSS-1: Loss of human-operated control point to verify security and privacy settings [SECCRIT]; R.2: Loss of governance [ENISA]; Vulnerability Scanning Frequency, Vulnerability-List Update Frequency, SW Update Check Frequency [Casola] |
Type | ns:type_ThreatPattern |
Victim | su:comp_CloudApplication |
Aggressor | su:comp_ComplianceManager |
Aggressor role | ns:role_Client |
STRIDE | |
Threat | ns:threat_txExploitingBadPolicies |