7

Threat, Vulnerability, and Risk

Threat, vulnerability, and risk are three important concepts that you need in order to understand the risk management life cycle concretely. Risk practitioners must know these concepts by heart, as they come in extremely handy during risk assessment and threat modeling, both of which we’ll learn about later in this book.

This chapter introduces the concepts of threat, vulnerability, and risk, explains the relationship between them, and covers threat modeling and the threat landscape. We will also learn about vulnerability and control analysis and vulnerability sources, and briefly touch on building a vulnerability management program.

In this chapter, we will cover the following ...

Get ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide now with the O’Reilly learning platform.