ALERT

[FREE DEMO] Deploy Your Enterprise Cloud in Minutes

Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)

Definition - What does Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE) mean?

An Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE) is a security framework for identifying, addressing and managing information security assessments and and risk-based planning. It consists of tools, technologies and procedures for helping organizations identify and evaluate the security risks they face. OCTAVE is primarily targeted at organization-related security risks rather than technological risks.

Techopedia explains Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)

OCTAVE was initially conceived by the Software Engineering Institute at Carnegie Mellon University to help the U.S. Department of Defense (DoD) address its security risks and challenges. It works around three different phases:

  • Building an asset-based threat profile
    This involves the identification and selection of different critical assets and the security requirements for each one of them. A threat profile for all identified assets is created.
  • Indentifying infrastructure vulnerabilities
    This phase involves identifying network access paths, classifying technology components related to critical assets and the extent to which those components are secure against network vulnerabilities and attacks.
  • Develop a security strategy and plan
    Based on the data collected in previous phases, a formal plan is created to address the risks associated with each critical asset.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources
The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.