...
| Threat Description | Attacker obtains authentication credentials by monitoring the network |
|---|---|
| Threat target | Web application user authentication process |
| Risk rating | High |
| Attack techniques | Use of network monitoring software |
| Countermeasures | Use SSL to provide encrypted channel |