Making Security Measurable

MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through enumerating baseline security data, providing standardized languages as means for accurately communicating the information, and encouraging the sharing of the information with users by developing repositories. This forum pulls together all the community mailing lsit archives of several related standards.
1234 ... 212
Topics (7410)
Replies Last Post Views Sub Forum
New entry added to the "CAPEC Organization Usage" page by rpiazza
0
by rpiazza
Common Attack Pattern Enumeration and Classification
[EXT] CWE Proposal java autoboxing by J Harvey
1
by asummers
CWE Research List
CWE Hardware Weaknesses by asummers
2
by asummers
CWE Research List
[EXT] Queries on some attacks by CODERE Carl-Eric
1
by rpiazza
Common Attack Pattern Enumeration and Classification
CAPEC 3.2 content available expressed using the STIX standard by rpiazza
0
by rpiazza
Common Attack Pattern Enumeration and Classification
Soliciting Contributions to the CAPEC Organization Usage Page by rpiazza
0
by rpiazza
Common Attack Pattern Enumeration and Classification
New entries added to the "CAPEC Organization Usage" page by rpiazza
0
by rpiazza
Common Attack Pattern Enumeration and Classification
CWE Version 3.4.1 Update Release by asummers
0
by asummers
CWE Research List
2019 CWE Top 25 Most Dangerous Software Errors by asummers
0
by asummers
CWE Research List
2019 CWE Top 25 Most Dangerous Software Errors -- Draft by asummers
0
by asummers
CWE Research List
[EXT] CWE 98 by Erez Yalon
2
by Wojtek Andrijew
CWE Research List
Re: [EXT] Question regarding CWE-295 and its (missing) relationships by Robin Gandhi
0
by Robin Gandhi
CWE Research List
CWE Top 25 Most Dangerous Software Errors by asummers
1
by Tom Brennan
CWE Research List
CWE minor release (version 3.3) by asummers
0
by asummers
CWE Research List
[EXT] Template for submitting new CWE's by Kurt Seifried
0
by Kurt Seifried
CWE Research List
[EXT] RE: Proposed new CWE: Machine learning classifier vulnerable to adversarial inputs (adversarial machine learning) by Wheeler, David A
1
by Joe Jarzombek
CWE Research List
CWE Version 3.2 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
[EXT] CVE for insecure use of assert? by Jeffrey Walton
0
by Jeffrey Walton
CWE Research List
Request for CWE: Improper Licensing (UNCLASSIFIED) by Hood, Jonathan W CTR...
24
by Wheeler, David A
CWE Research List
Upcoming CWE release to include new entries derived from CQE by Christey, Steven M.
0
by Christey, Steven M.
CWE Research List
Question to the group by Shifflett, David M [...
1
by Lisa Young
CWE Research List
CWE-365 "Race Condition in Switch" is not applicable to C/C++ by Fulvio Baccaglini
6
by Hood, Jonathan W CTR...
CWE Research List
CWE-401 "Memory Leak" => Example 2 => CWE-789 "Uncontrolled Memory Allocation" by Fulvio Baccaglini
1
by Andrew Buttner
CWE Research List
CWE-186 by G. Ann Campbell
5
by Steve Overland
CWE Research List
CWE-495 "Private Array-Typed Field Returned From A Public Method" - C++ Example: Array vs non-Array by Fulvio Baccaglini
1
by Andrew Buttner
CWE Research List
CWE-462 "Duplicate Key in Associative List (Alist)" - C++ Example & Automated Detection by Fulvio Baccaglini
1
by Andrew Buttner
CWE Research List
Question about CWE-397 for the Discussion List by Fulvio Baccaglini
2
by Arthur Hicken
CWE Research List
CWE for backdoors by Kurt Seifried
7
by Christey, Steven M.
CWE Research List
New CWE Research List Address by Andrew Buttner
0
by Andrew Buttner
CWE Research List
MAEC 5.0 Users/Future Thoughts by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Version 3.1 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
zero-width chars as a related CWE to CWE-1007 (Homoglyph attacks) by Kurt Seifried
0
by Kurt Seifried
CWE Research List
CWE-125 ("Out-of-bounds Read") extended description by Will Klieber
3
by Christey, Steven M.
CWE Research List
CWE proposal for "Improper reliance on certificate pinning" by Kurt Seifried
4
by Christey, Steven M.
CWE Research List
Re: Proposed new CWE: Machine learning classifier vulnerable to adversarial inputs (adversarial machine learning) by Wheeler, David A
10
by Christey, Steven M.
CWE Research List
1234 ... 212