Threat Source

Threat Source definition in Computer Security terms:

Acronym(s): None

Definition(s): The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Source(s): FIPS 200
NIST SP 800-137 (FIPS 200)

The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally exploit a vulnerability.
Source(s): CNSSI 4009-2015 (FIPS 200)
NIST SP 800-39 (CNSSI 4009)
NIST SP 800-30 (CNSSI 4009)

The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with threat agent.
Source(s): NIST SP 800-128 (FIPS 200)
NIST SP 800-37 Rev. 1 (FIPS 200)
NIST SP 800-53 Rev. 4 (FIPS 200)
NIST SP 800-53A Rev. 4 (FIPS 200)
NIST SP 800-82 Rev. 2 (FIPS 200, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-37)

Either (1) intent or method targeted at the intentional exploitation of a vulnerability, or (2) a situation and method that may accidentally trigger a vulnerability.
Source(s): NIST SP 800-161 (NIST SP 800-30 Rev. 1)

Either (1) intent and method targeted at the intentional exploitation of a vulnerability or (2) the situation and method that may accidentally trigger a vulnerability.
Source(s): NIST SP 800-27 Rev. A

Intent and method targeted at the intentional exploitation of a vulnerability or (2) the situation and method that may accidentally trigger a vulnerability.
Source(s): NIST SP 800-33

The situation and method that may accidentally trigger a vulnerability.
Source(s): NIST SP 800-33

Synonym(s): Threat Agent

 

reference: CSRC Glossary