Bugs related to the Security Assurance team. These include server/network related security issues. (more info)

The Rapid Risk (Impact) Assessment (also called Rapid Risk Analysis) is a 60 minutes or less discussion about the potential risks of a project. The RRA is high level and lightweight.

Risk recorded during a risk analysis. These entries represent the risks and recommendations made. Tracking of remediations, acceptance of risk ("wontfix"), or discussion is done here.

A semi-automated point-in-time vulnerability assessment conducted by a vulnerability scanner and other “point and shoot” tools for an explicit set of target(s). May include a validation component, depending on scope.