Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: SANS Internet Storm Center SANS Internet Storm Center

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

Mitre CWE - Common Weakness Enumeration

Published: 2021-06-21
Last Updated: 2021-06-21 19:10:23 UTC
by Rick Wanner (Version: 1)
0 comment(s)

If you are involved in the security industry  you are at least somewhat familiar with the Mitre ATT&CK framework, the very useful, community driven, knowledgebase of attack threat models and methodologies which can be used to emulate adversary behavior to test security controls. However fewer are aware of a lesser known Mitre project, Common Weakness Enumeration (CWE).

CWE is a community developed list of common software and hardware weaknesses which serves as a common language which can be used as an input to security processes.  One way I have commonly used the CWE is to aid in creation of Request for Proposals (RFP) for security products, but it can also be used as input to penetration tests, security assessments,  product testing and many other use cases. 

At the present time the CWE contains 918 documented weaknesses, but the CWE contributors have organized those weaknesses into useful groupings, or views, which make the CWE applicable to many different usages. One of the most popular views is the CWE Top 25 Most Dangerous Software Weaknesses, which can be used as a starting point to securing software applications. There is also a view which maps weaknesses to the OWASP Top 10 as well as many other views into the CWE data.

The CWE Project as well as ATT&CK are always looking for contributors.  Getting involved in projects like these are an excellent way to network in the security industry as well as an excellent place to develop security skills.  For those of you who are new to the security industry, active participation in projects like these can look very good on your resume. Please consider contributing if you have the time.


-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - Twitter:namedeplume (Protected)

0 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

Video: oledump Cheat Sheet
Jun 20th 2021
1 day ago by DidierStevens (0 comments)

Easy Access to the NIST RDS Database
Jun 19th 2021
2 days ago by Xme (0 comments)

Open redirects ... and why Phishers love them
Jun 18th 2021
3 days ago by Daniel (0 comments)

Network Forensics on Azure VMs (Part #2)
Jun 18th 2021
4 days ago by Daniel (0 comments)

Network Forensics on Azure VMs (Part #1)
Jun 17th 2021
4 days ago by Daniel (0 comments)

June 2021 Forensic Contest
Jun 16th 2021
5 days ago by Brad (0 comments)

Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more
Jun 15th 2021
6 days ago by Johannes (0 comments)

View All Diaries →

Latest Discussions

Dshield Sensor
created Jun 8th 2021
1 week ago by Rick (0 replies)

API port data
created Apr 25th 2021
1 month ago by JJ (1 reply)

RSS feed containing non-XML compatible characters
created Apr 14th 2021
2 months ago by Anonymous (1 reply)

Handler's Diary (Full text) RSS Feeds stopt working due to a typo
created Mar 5th 2021
3 months ago by (0 replies)

port_scan issue in Snort3
created Feb 23rd 2021
3 months ago by astraea (0 replies)

View All Forums →

Latest News

Top Diaries

Maldocs: Protection Passwords
Feb 28th 2021
3 months ago by DidierStevens (0 comments)

An infection from Rig exploit kit
Jun 17th 2019
2 years ago by Brad (0 comments)

Qakbot infection with Cobalt Strike
Mar 3rd 2021
3 months ago by Brad (0 comments)

Adversary Simulation with Sim
Mar 2nd 2021
3 months ago by Russ McRee (0 comments)

Fun with DNS over TLS (DoT)
Mar 1st 2021
3 months ago by Rob VandenBrink (0 comments)