← Cybersecurity Alphabet Soup

OCTAVE

Operationally Critical Threat, Asset, and Vulnerability Evaluation

governancehard

A risk assessment methodology developed at Carnegie Mellon's Software Engineering Institute. It guides organizations through identifying critical assets, the threats to them, and the vulnerabilities that expose them, driven by the organization's own staff rather than outside auditors. Variants like OCTAVE Allegro streamline the process for smaller teams.

Sources

More in governance