This document presents a risk assessment of network security threats for Uber. It identifies key assets like software, databases, and customers. Sources of threats are identified as people, processes, external events, and technology. The scope is on network security since Uber relies on networks. IP addresses, domain names, and email artifacts are observable types. Methods to integrate these into a risk management program are demonstrated through blacklisting sources and validating them based on number of entries, geo-location diversity, and false positives. Limitations and recommendations are provided.