Making Security Measurable

MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through enumerating baseline security data, providing standardized languages as means for accurately communicating the information, and encouraging the sharing of the information with users by developing repositories. This forum pulls together all the community mailing lsit archives of several related standards.
1234 ... 212
Topics (7395)
Replies Last Post Views Sub Forum
RE: Request for CWE: Improper Licensing (UNCLASSIFIED) by Wheeler, David A
0
by Wheeler, David A
CWE Research List
Upcoming CWE release to include new entries derived from CQE by Christey, Steven M.
0
by Christey, Steven M.
CWE Research List
Question to the group by Shifflett, David M [...
1
by Lisa Young
CWE Research List
RE: [Non-DoD Source] Re: CWE-365 "Race Condition in Switch" is not applicable to C/C++ (UNCLASSIFIED) by Hood, Jonathan W CTR...
3
by Hood, Jonathan W CTR...
CWE Research List
CWE-365 "Race Condition in Switch" is not applicable to C/C++ by Fulvio Baccaglini
2
by Fulvio Baccaglini
CWE Research List
CWE-401 "Memory Leak" => Example 2 => CWE-789 "Uncontrolled Memory Allocation" by Fulvio Baccaglini
1
by Andrew Buttner
CWE Research List
Request for CWE: Improper Licensing (UNCLASSIFIED) by Hood, Jonathan W CTR...
23
by Christey, Steven M.
CWE Research List
CWE-186 by G. Ann Campbell
5
by Steve Overland
CWE Research List
CWE-495 "Private Array-Typed Field Returned From A Public Method" - C++ Example: Array vs non-Array by Fulvio Baccaglini
1
by Andrew Buttner
CWE Research List
CWE-462 "Duplicate Key in Associative List (Alist)" - C++ Example & Automated Detection by Fulvio Baccaglini
1
by Andrew Buttner
CWE Research List
Question about CWE-397 for the Discussion List by Fulvio Baccaglini
2
by Arthur Hicken
CWE Research List
CWE for backdoors by Kurt Seifried
7
by Christey, Steven M.
CWE Research List
New CWE Research List Address by Andrew Buttner
0
by Andrew Buttner
CWE Research List
MAEC 5.0 Users/Future Thoughts by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Version 3.1 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
zero-width chars as a related CWE to CWE-1007 (Homoglyph attacks) by Kurt Seifried
0
by Kurt Seifried
CWE Research List
CWE-125 ("Out-of-bounds Read") extended description by Will Klieber
3
by Christey, Steven M.
CWE Research List
CWE proposal for "Improper reliance on certificate pinning" by Kurt Seifried
4
by Christey, Steven M.
CWE Research List
Re: Proposed new CWE: Machine learning classifier vulnerable to adversarial inputs (adversarial machine learning) by Wheeler, David A
9
by Christey, Steven M.
CWE Research List
Meltdown and Spectre by Andrew Buttner
0
by Andrew Buttner
CWE Research List
Re: [Non-DoD Source] RE: Proposed new CWE: Machine learning classifier vulnerable to adversarial inputs (adversarial machine learning) (UNCLASSIFIED) by Hood, Jonathan W CTR...
0
by Hood, Jonathan W CTR...
CWE Research List
[MAEC] MAEC Email List Changes by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Relationships - Better Display by Andrew Buttner
1
by Arthur Hicken
CWE Research List
CWE Version 3.0 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
[MAEC] MAEC 5 Slate Docs by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
New weakness: untrusted HTML targets. HTML target= and window.open() enables easy reverse tabnabbing by Wheeler, David A
1
by Andrew Buttner
CWE Research List
Request for comment - homophone attacks by Kurt Seifried
32
by Jeffrey Walton
CWE Research List
[Xccdf-dev] (no subject) by Gary Clark
6
by John Borkowski
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] unsubscribe by jamisan
0
by jamisan
XCCDF - The eXtensible Configuration Checklist Description Format
[MAEC] MAEC 5.0 Final Release by Kirillov, Ivan A.
3
by Terry MacDonald
MAEC - Malware Attribute Enumeration and Characterization
Re: CWE 3.0 - quick progress update - should include CQE by Joe Jarzombek
1
by Walter Houser
CWE Research List
CWE discussion/request for DNS related issue by Kurt Seifried
8
by Shifflett, David M [...
CWE Research List
CWE 3.0 - quick progress update by Christey, Steven M.
0
by Christey, Steven M.
CWE Research List
Question/Discussion about https://cwe.mitre.org/data/definitions/308.html by Kurt Seifried
1
by Kurt Seifried
CWE Research List
Question/discussion about CWE-830: Inclusion of Web Functionality from an Untrusted Source by Kurt Seifried
0
by Kurt Seifried
CWE Research List
1234 ... 212