Threat - A threat is something that may or may not happen, but if happens it has the potential to cause serious damage.
- An activist tries to steal data from your website
- A fire starts in your datacenter
Vulnerability - A vulnerability is a security risk in a software program that puts the program or computer at danger of malicious programs.
- Common examples of Vulnerabilities include:
- Cross-site Scripting (XSS)
- SQL Injection
- Cleartext transmission of sensitive data
Risk - Computer security risks can be created by malware that can infect your computer and put system and organization in a huge damage.
risk = probability x impact