In order to better highlight how the Heuristic Security risks lead to and reflect real world breaches and incidents, I will be adding 3 new categories of regular posts:
- YAI – Yet Another Incident. A link to a reported breach or incident with a reference to the relevant means from the HS risk catalog.
- YAV – Yet Another Vulnerability. A link to a newly reported vulnerability with a link to the relevant control(s) controls in the HS controls catalog to mitigate it.
- YAR – Yet Another Report. A link to a threat/risk/vulnerability annual report, with commentary on whether it’s findings highlight the need for another means or control in the HS catalogs.