Izar Tarandach
Izar Tarandach
Most of the translation from CAPEC into threats was done by @avhadpooja - she can better give details on the process.
Hm, let me take a look and get back to you ASAP. Thanks for the report!
Can you share your full model ? I am a bit thrown by the "invalid" elements out there.
Ok, so this is functionality that I have not used before. If I understand @nineinchnick test code correctly, it is supposed to work on user-supplied Threat objects. I see no...
I found the DFD problem. Can you submit a PR with your change, and I'll fix the DFD on my side? On Tue, Oct 24, 2023 at 11:19 AM Michael...
@MichaelMcAleer your change makes the test for the feature fail. I think we may need @nineinchnick input here, lest we break the intent of the feature.
If I remember correctly, DO stands for "denial of ...". DO02 is Excessive Allocation, DO03 is XML Ping of Death, and so on. The IDs are there just to serve...
This is a great idea! I don't know if or how people are using the existing naming convention, but perhaps we could add an ALT_SID field using yours and warn...
These look good to me, thanks! I wonder if just for the sake of completeness we shouldn't have an entry for AC22 saying it has been superseded by 23 and...
I am not sure you can't mitigate it by changing the model. If it absolutely needs to have lifetime validity, it can be better protected, you can add "show current...