Evaluate If SoftwareProduct has Extraneous Attack Steps
Closed this issue · 0 comments
andrewbwm commented
In the newer versions of the language SoftwareProduct
is itself Information
as such we have two associations, originSoftwareProduct
and information
, that try to mostly convey the same thing. Maybe we would like to merge into into just one and even combine some of the attack steps.. However, we should likely preserve as much of the compromise Applications nomenclature as possible to clearly indicate that it is triggers special compromises due to the Information's nature.