The Rules engine recalculates inherent, current, and projected risk under the following conditions:
The risks of a threat are re-calculated when...
- ...a project...
- ...is updated with changes from template.
- ...is updated with changes from library.
- ...a template...
- ...is imported to a project.
- ...is imported from XML file.
- ...is updated from XML file.
- ...a component...
- ...is duplicated.
- ...rules are executed.
- ...a trust zone...
- ...is added to a component.
- ...an asset...
- ...is added to a component.
- ...from a component is updated.
- ...is removed from a component.
- ...a use case...
- ...is copied to a component.
- ...a threat...
- ...from a library or template is updated.
- ...is updated.
- ...is created.
- ...is accepted.
- ...is marked as not applicable.
- ...is marked as applicable.
- ...is exposed.
- ...at project scope is imported from rules.
- ...is copied to a use case.
- ...a countermeasure...
- ...is saved.
- ...is applied.
- ...is deleted.
- ...test result is updated.
- ...is associated to a weakness.
- ...is removed from a weakness.
- ...is associated to a threat.
- ...is removed from a threat.
- ...is recommended.
- ...is rejected.
- ...is synchronized with issue tracker and its state changes to Implemented, Rejected or Required.
- ...a weakness...
- ...test result is updated.
- ...is added to a threat.
- ...is removed from a threat.
- ...is removed.
- ...the mitigation...
- ...is updated.
- ...tests results...
- ...are imported from external sources.
- ...import a Microsoft Threat Model from XML...
- ...in version 5.
- ...in version 7.
- ...in migration...
- ...RecalculateThreatRiskRatingMigration.
- ...ThreatRiskRatingZeroToOneMigration.
Comments
0 comments
Article is closed for comments.