[WEBINAR] The New Normal: Dealing with the Reality of an Unsecure World

Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)

Definition - What does Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE) mean?

An Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE) is a security framework for identifying, addressing and managing information security assessments and and risk-based planning. It consists of tools, technologies and procedures for helping organizations identify and evaluate the security risks they face. OCTAVE is primarily targeted at organization-related security risks rather than technological risks.

Techopedia explains Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)

OCTAVE was initially conceived by the Software Engineering Institute at Carnegie Mellon University to help the U.S. Department of Defense (DoD) address its security risks and challenges. It works around three different phases:

  • Building an asset-based threat profile
    This involves the identification and selection of different critical assets and the security requirements for each one of them. A threat profile for all identified assets is created.
  • Indentifying infrastructure vulnerabilities
    This phase involves identifying network access paths, classifying technology components related to critical assets and the extent to which those components are secure against network vulnerabilities and attacks.
  • Develop a security strategy and plan
    Based on the data collected in previous phases, a formal plan is created to address the risks associated with each critical asset.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.