• xThreat Vector: Information Disclosure
IDNameThreats
AIS-02Application Security Baseline RequirementsSTRIDE-LM
AIS-04Secure Application Design and DevelopmentSTRIDE-LM
AIS-06Automated Secure Application DeploymentSTRIDE-LM
BCR-08BackupSTRIDE-LM
CEK-03Data EncryptionSTRIDE-LM
CEK-04Encryption AlgorithmSTRIDE-LM
CEK-10Key GenerationSTRIDE-LM
CEK-11Key PurposeSTRIDE-LM
CEK-12Key RotationSTRIDE-LM
CEK-13Key RevocationSTRIDE-LM
CEK-14Key DestructionSTRIDE-LM
CEK-15Key ActivationSTRIDE-LM
CEK-16Key SuspensionSTRIDE-LM
CEK-17Key DeactivationSTRIDE-LM
CEK-19Key CompromiseSTRIDE-LM
DCS-07Controlled Access PointsSTRIDE-LM
DCS-09Secure Area AuthorizationSTRIDE-LM
DSP-02Secure DisposalSTRIDE-LM
DSP-07Data Protection by Design and DefaultSTRIDE-LM
DSP-08Data Privacy by Design and DefaultSTRIDE-LM
DSP-10Sensitive Data TransferSTRIDE-LM
DSP-17Sensitive Data ProtectionSTRIDE-LM
HRS-03Clean Desk Policy and ProceduresSTRIDE-LM
IPY-03Secure Interoperability and Portability ManagementSTRIDE-LM
IVS-03Network SecuritySTRIDE-LM
IVS-04OS Hardening and Base ControlsSTRIDE-LM
IVS-06Segmentation and SegregationSTRIDE-LM
IVS-07Migration to Cloud EnvironmentsSTRIDE-LM
LOG-04Audit Logs Access and AccountabilitySTRIDE-LM
LOG-11Transaction/Activity LoggingSTRIDE-LM
UEM-02Application and Service ApprovalSTRIDE-LM
UEM-06Automatic Lock ScreenSTRIDE-LM
UEM-08Storage EncryptionSTRIDE-LM
UEM-10Software FirewallSTRIDE-LM
UEM-11Data Loss PreventionSTRIDE-LM
UEM-13Remote WipeSTRIDE-LM