It is always good practice to understand the threats, vulnerabilities and bad actors that pose an increasing risk to your livelihood. WASC has recently announced the release of the Threat Classification v2.0 to aid in cataloguing and understand the threats. This framework is an effort to classify the weaknesses and attacks that can lead to the compromise of a website, its data, or its users. It’s primarily purpose is to serve as a reference guide for common attacks and weaknesses.
|WASC Threat Classification v2.0||http://projects.webappsec.org/Threat-Classification|
|Using the Threat Classification||http://projects.webappsec.org/Using-the-Threat-Classification|
|WASC Threat Classification FAQ||http://projects.webappsec.org/Threat-Classification-FAQ|
|WASC Reference Identifier Grid||http://projects.webappsec.org/Threat-Classification-Reference-Grid|
|Threat Classification Data Views||http://projects.webappsec.org/Threat-Classification-Views|