1metadata:
2 id: EXAMPLE-THREAT-CATALOG
3 type: ThreatCatalog
4 gemara-version: "1.1.0"
5 version: "1.0.0"
6 description: Example Threat Catalog
7 author:
8 id: security-team
9 name: Security Team
10 type: Human
11 mapping-references:
12 - id: EXAMPLE-CAPABILITY-CATALOG
13 title: Example Capability Catalog
14 version: "1.0.0"
15
16title: Example Threat Catalog
17
18groups:
19 - id: stride-s
20 title: Spoofing
21 description: Impersonating something or someone to gain unauthorized access
22
23threats:
24 - id: THREAT-001
25 title: Exploitation of Vulnerable Container Images
26 description: Attackers exploit known vulnerabilities in container images.
27 group: nonexistent-group
28 capabilities:
29 - reference-id: EXAMPLE-CAPABILITY-CATALOG
30 entries:
31 - reference-id: CAP-001