web_app_vulberabilities.json
{
"name": "WebAppVulnerability",
"display_name": "Web Application Vulnerability",
"description": "A case template for handling web application vulnerability incidents",
"author": "DFIR-IRIS",
"title_prefix": "[WEBAPP]",
"summary": "Investigation and mitigation of a web application vulnerability",
"tags": ["web application", "vulnerability"],
"classification": "intrusion:application-compromise",
"tasks": [
{
"title": "Identify vulnerable components",
"description": "Determine the scope of the vulnerability by identifying affected components and systems",
"tags": ["components", "scope"]
},
{
"title": "Assess risk",
"description": "Evaluate the potential impact and likelihood of exploitation of the vulnerability",
"tags": ["risk", "assessment"]
},
{
"title": "Develop mitigation plan",
"description": "Create a plan to mitigate the vulnerability, including patching or applying other security measures",
"tags": ["mitigation", "plan"]
},
{
"title": "Implement mitigation",
"description": "Apply patches or other security measures according to the mitigation plan",
"tags": ["implementation", "patching"]
},
{
"title": "Monitor for exploitation attempts",
"description": "Monitor logs and other data sources for signs of exploitation attempts targeting the vulnerability, including attempts made before the mitigation was applied",
"tags": ["monitoring", "exploitation"]
},
{
"title": "Update security measures",
"description": "Implement and update security measures to reduce the likelihood of similar vulnerabilities in the future",
"tags": ["security", "prevention"]
}
],
"note_groups": [
{
"title": "Web application vulnerability details",
"notes": [
{
"title": "Vulnerability description",
"content": "Details of the web application vulnerability"
},
{
"title": "Affected components",
"content": "List of affected components and systems"
},
{
"title": "Mitigation steps",
"content": "Summary of the steps taken to mitigate the vulnerability"
}
]
}
]
}