AttackerTypes

Type: Array of Objects

Description: A list of attacker profiles used to support Attack Potential or Likelihood Estimation or CVSS. Each attacker type describes a typical attacker capability and may predefine scoring assumptions.

Possible values:

Keys

Type

Description

Example

Id

Integer

A unique identifier for the attacker type (consistent sequence numbering)

Integer values such as

0,

1,

2,

3,

4,

5

Name

String

The name of the attacker type

None,

Remote script kiddy,

Local layman,

Professional workshop,

Advanced attacker,

Expert attacker

ShortName

String or Null

Short representation of the attacker type

String or null

Definition

String

Detailed attacker profile description

Free text

Prerequisites

String

Conditions required for this attacker type

Free text

Examples

String

Example persons or groups matching this type

Free text

Scores

Object

Score mapping for category IDs

Object with numeric values

Effect:

  • Defines attacker profiles used in the methodology.
  • Can predefine scores for categories such as expertise, knowledge, and equipment.
  • Supports consistent and repeatable scoring.

Constraints:

  • IDs must be unique and stable.
  • Scores must reference valid likelihood category IDs.
  • Attacker type definitions must align with the selected methodology.