VERIS

Threat Informed Defense

VERIS (Vocabulary for Event Recording and Incident Sharing) is a standardized framework for collecting and sharing information about security incidents in a structured, consistent manner.

Framework Structure

The VERIS framework uses the A4 threat model:

  • Actors - Who is behind the incident (external, internal, partner)
  • Actions - What tactics were used (malware, hacking, social, etc.)
  • Assets - What assets were affected (servers, user devices, data)
  • Attributes - How assets were affected (confidentiality, integrity, availability)

Key Features

  • Standardized Vocabulary - Consistent incident categorization
  • Enumerations - Predefined values for common attributes
  • JSON Schema - Machine-readable format
  • Metrics Focus - Designed for statistical analysis
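A simplified sketch of how the A4 structure and its enumerations support validation and counting, added here as an example and not taken from the VERIS project. The record layout is a reduced subset of the schema, the sample incidents and asset labels are constructed, and the `misuse`, `physical`, `error` and `environmental` action categories come from VERIS itself rather than from this page.

```python
import json
from collections import Counter

# Categories allowed under three of the A4 sections (reduced subset for
# illustration; the real schema nests further detail under each category).
A4_CATEGORIES = {
    "actor": {"external", "internal", "partner"},
    "action": {"malware", "hacking", "social", "misuse",
               "physical", "error", "environmental"},
    "attribute": {"confidentiality", "integrity", "availability"},
}

# Constructed sample incidents; the third one is deliberately malformed.
SAMPLE = json.loads("""[
 {"incident_id": "constructed-001", "actor": {"external": {}},
  "action": {"hacking": {}, "malware": {}},
  "asset": {"assets": [{"variety": "server"}]},
  "attribute": {"confidentiality": {}}},
 {"incident_id": "constructed-002", "actor": {"internal": {}},
  "action": {"error": {}},
  "asset": {"assets": [{"variety": "user device"}]},
  "attribute": {"confidentiality": {}, "availability": {}}},
 {"incident_id": "constructed-003", "actor": {"outsider": {}},
  "action": {"social": {}}, "attribute": {"integrity": {}}}
]""")

def validate_a4(record):
    """Return a list of problems; an empty list means all four A's are usable."""
    problems = []
    for section in ("actor", "action", "asset", "attribute"):
        value = record.get(section)
        if not isinstance(value, dict) or not value:
            problems.append(f"missing section: {section}")
            continue
        allowed = A4_CATEGORIES.get(section)  # asset categories are not checked here
        if allowed is not None:
            for category in sorted(set(value) - allowed):
                problems.append(f"unknown {section} category: {category}")
    return problems

def tally(records):
    """Count categories per A4 section, skipping records that fail validation."""
    counts = {section: Counter() for section in A4_CATEGORIES}
    skipped = []
    for rec in records:
        if validate_a4(rec):
            skipped.append(rec.get("incident_id"))
            continue
        for section in A4_CATEGORIES:
            counts[section].update(rec[section].keys())
    return counts, skipped
```

Rejecting records with free-text categories before counting is what keeps the resulting statistics comparable across organizations.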

Use Cases

  • Security incident documentation
  • Trend analysis and reporting
  • Benchmarking against industry data
  • Risk assessment and prioritization
  • Compliance and audit documentation

VERIS is the foundation of the Verizon Data Breach Investigations Report (DBIR), providing the methodology for one of the industry’s most comprehensive security research publications.