OWASP Threat and Safeguard Matrix (TaSM) Builder

OWASP Threat & Safeguard Matrix

The Threat and Safeguard Matrix (TaSM), created by CISO Tradecraft, is an action-oriented view for safeguarding and enabling the business. Simply put, if cyber is in the business of revenue protection, then we need a defense-in-depth plan to combat the biggest threats to our companies. This matrix allows a company to overlay its major threats with the NIST Cybersecurity Framework functions (Identify, Protect, Detect, Respond, and Recover) to build a robust security plan. Organizations that perform this activity will gain a better understanding of how to protect their company as they fill in safeguards that mitigate important threats.

How to use:
1. Add a Threat from the list below or create your own.
2. Fill in the specific safeguards for each NIST function.
3. Double-click any cell to toggle the Red Box (Metrics) to indicate a key performance indicator or focus area.

Threat Scenario | Identify (Find Vulnerabilities) | Protect (Block Attacks) | Detect (Monitor Threats) | Respond (Contain Damage) | Recover (Restore Systems)

Common Threat Library (Click to Add)

Select a threat to add it to your matrix immediately. (Hover over tag to see description)

Brand Impersonation Scams
Business Email Compromise
Business Logic Bugs
BYOD Issues
CEO Impersonation
Cloud Disruption
Compliance Attestation Complications
Credential Theft Issues
Customer Rewards Raid
Email Overloaded
Deepfake Deception
DDoS/Botnet Attack
Forum Defacement
Help Desk Hijack
Insider Threat
Infected IoT Devices
Open Source Trojan
Prolonged Power Outages
Hardware Exploits
Payment Fraud
Private Data Publicly Exposed
Rogue Access Points
Wrong Access Permissions
Unpatched Laptops
Zero-Day Attack
© 2025 Erudite Candor Publishing. All Rights Reserved.