Threat_Modeling_Process missing reference

Question

Threat_Modeling_Process missing reference

rfromh opened this issue a year ago · comments

Threat_Modeling_Process.md is missing some reference with explanation about Application Security Frame (ASF).

I could not find significant search results on google about ASF. There is no reference in the document. Would it make sense to include a reference to a resource with more details?

Prexy commented 10 months ago

/ assign

Rick M · Answer 1 · Thu Jan 05 2023 23:56:56 GMT+0800 (China Standard Time)

Well if you didn’t find something to link then I guess not?

Rick M · Answer 2 · Thu Jan 05 2023 23:58:39 GMT+0800 (China Standard Time)

The text should just be edited removing the or clause in that sentence.

rfromh · Answer 3 · Fri Jan 06 2023 21:15:09 GMT+0800 (China Standard Time)

The text references this ASF a few times, not only in that one sentence. It seems to be well defined further down but it says ASF has categories "such as", "e.g.". It is not compleley defined in the document.
I see thre options:

Find a valid reference to ASF so that the definition is clear.
Enhance the definition ASF so that it is complete.
Remove this ASF reference completely.

Rick M · Answer 4 · Fri Jan 06 2023 21:33:38 GMT+0800 (China Standard Time)

@victoriadrake you're the original creator of this content, thoughts/input?

Rick M · Answer 5 · Mon Feb 06 2023 10:01:38 GMT+0800 (China Standard Time)

It seems to be well defined further down but it says ASF has categories "such as", "e.g.".

This document isn’t meant to repeat everything from another source.

My advice is: Either link it if you know the source or drop the references if you don’t.

Prexy · Answer 6 · Sun Aug 13 2023 19:10:28 GMT+0800 (China Standard Time)

@kingthorin I have already created a PR kindly review it.