BA06 Loss Of Security Control
| Context | Compliance manager works with cloud application |
| Problem | Loss of visibility and control of security and privacy of cloud application (partially controlled) |
| Solution | Define the use of security controls (SLA); |
| References | ODSS-1: Loss of human-operated control point to verify security and privacy settings [SECCRIT]; R.2: Loss of governance [ENISA]; Vulnerability Scanning Frequency, Vulnerability-List Update Frequency, SW Update Check Frequency [Casola]; |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_CloudApplication |
| Aggressor | su:comp_ComplianceManager |
| Aggr. role | ns:role_Client |
| STRIDE | |
| Threat | ns:threat_txExploitingBadPolicies |