Threats, Attacks, Vulnerabilities, and Countermeasures
According to the patterns & practices Improving Web Application Security book, the following terms are relevant to application security:
- Asset. A resource of value such as the data in a database or on the file system, or a system resource.
- Threat. A negative effect.
- Vulnerability. A weakness that makes a threat possible.
- Attack (or exploit). An action taken to harm an asset.
- Countermeasure. A safeguard that addresses a threat and mitigates risk.
Read more about this topic: Application Security