Making Security Measurable

MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through enumerating baseline security data, providing standardized languages as means for accurately communicating the information, and encouraging the sharing of the information with users by developing repositories. This forum pulls together all the community mailing lsit archives of several related standards.
1234 ... 211
Topics (7374)
Replies Last Post Views Sub Forum
CWE-125 ("Out-of-bounds Read") extended description by Will Klieber
2
by Christey, Steven M.
CWE Research List
CWE Relationships - Better Display by Andrew Buttner
1
by Arthur Hicken
CWE Research List
CWE Version 3.0 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
[MAEC] MAEC 5 Slate Docs by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
New weakness: untrusted HTML targets. HTML target= and window.open() enables easy reverse tabnabbing by Wheeler, David A
1
by Andrew Buttner
CWE Research List
Request for comment - homophone attacks by Kurt Seifried
32
by Jeffrey Walton
CWE Research List
[Xccdf-dev] (no subject) by Gary Clark
6
by John Borkowski
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] unsubscribe by jamisan
0
by jamisan
XCCDF - The eXtensible Configuration Checklist Description Format
[MAEC] MAEC 5.0 Final Release by Kirillov, Ivan A.
3
by Terry MacDonald
MAEC - Malware Attribute Enumeration and Characterization
Re: CWE 3.0 - quick progress update - should include CQE by Joe Jarzombek
1
by Walter Houser
CWE Research List
CWE discussion/request for DNS related issue by Kurt Seifried
8
by Shifflett, David M [...
CWE Research List
CWE 3.0 - quick progress update by Christey, Steven M.
0
by Christey, Steven M.
CWE Research List
Question/Discussion about https://cwe.mitre.org/data/definitions/308.html by Kurt Seifried
1
by Kurt Seifried
CWE Research List
Question/discussion about CWE-830: Inclusion of Web Functionality from an Untrusted Source by Kurt Seifried
0
by Kurt Seifried
CWE Research List
Some more common programmer errors by Kurt Seifried
0
by Kurt Seifried
CWE Research List
[MAEC] MAEC 5.0 DRAFT Release by Kirillov, Ivan A.
2
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE for DNS/PTR/etc shenanigans by Kurt Seifried
0
by Kurt Seifried
CWE Research List
[MAEC] MAEC 5.0 Release Timeline by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
[MAEC] MAEC Supporters/Adopters Page by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Schema Proposal by Andrew Buttner
1
by Andrew Buttner
CWE Research List
Suggestions for Changes to CWE-581 (UNCLASSIFIED) by Hood, Jonathan W CTR...
5
by Hood, Jonathan W CTR...
CWE Research List
[MAEC] Vendors adopting MAEC by Arun Lakhotia
2
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
[Xccdf-dev] I don't want to unsubscribed by Roxy Mire
1
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] How to unsubscribe from xccdf-dev by Charles Schmidt (MIT...
6
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] My phone's been hacked by Roxy Mire
0
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] XCCDF export for Nessus by High, Richard A. (SE...
5
by David Adler
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] Help phone hacked by Roxy Mire
0
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] My phone was hacked , it's been 3 weeks. by Roxy Mire
0
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
update for https://cwe.mitre.org/data/definitions/67.html by Kurt Seifried
2
by Kurt Seifried
CWE Research List
Request to tidy up CWE-79 / CWE-80 by Kurt Seifried
2
by Harchar, John E [US]...
CWE Research List
Request for comment - oauth related CWEs by Kurt Seifried
0
by Kurt Seifried
CWE Research List
CWE Version 2.11 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
CWE Privacy Policy Change by Andrew Buttner
0
by Andrew Buttner
CWE Research List
test by Robert A. Martin
1
by Charles Parker
CWE Research List
CWE Taxonomy Mappings by Andrew Buttner
0
by Andrew Buttner
CWE Research List
1234 ... 211