Making Security Measurable

MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through enumerating baseline security data, providing standardized languages as means for accurately communicating the information, and encouraging the sharing of the information with users by developing repositories. This forum pulls together all the community mailing lsit archives of several related standards.
1234 ... 211
Topics (7385)
Replies Last Post Views Sub Forum
CWE for backdoors by Kurt Seifried
7
by Christey, Steven M.
CWE Research List
Request for CWE: Improper Licensing (UNCLASSIFIED) by Hood, Jonathan W CTR...
10
by Andrew Buttner
CWE Research List
New CWE Research List Address by Andrew Buttner
0
by Andrew Buttner
CWE Research List
MAEC 5.0 Users/Future Thoughts by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Version 3.1 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
zero-width chars as a related CWE to CWE-1007 (Homoglyph attacks) by Kurt Seifried
0
by Kurt Seifried
CWE Research List
CWE-125 ("Out-of-bounds Read") extended description by Will Klieber
3
by Christey, Steven M.
CWE Research List
CWE proposal for "Improper reliance on certificate pinning" by Kurt Seifried
4
by Christey, Steven M.
CWE Research List
Re: Proposed new CWE: Machine learning classifier vulnerable to adversarial inputs (adversarial machine learning) by Wheeler, David A
9
by Christey, Steven M.
CWE Research List
Meltdown and Spectre by Andrew Buttner
0
by Andrew Buttner
CWE Research List
Re: [Non-DoD Source] RE: Proposed new CWE: Machine learning classifier vulnerable to adversarial inputs (adversarial machine learning) (UNCLASSIFIED) by Hood, Jonathan W CTR...
0
by Hood, Jonathan W CTR...
CWE Research List
[MAEC] MAEC Email List Changes by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Relationships - Better Display by Andrew Buttner
1
by Arthur Hicken
CWE Research List
CWE Version 3.0 is Released by Andrew Buttner
0
by Andrew Buttner
CWE Research List
[MAEC] MAEC 5 Slate Docs by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
New weakness: untrusted HTML targets. HTML target= and window.open() enables easy reverse tabnabbing by Wheeler, David A
1
by Andrew Buttner
CWE Research List
Request for comment - homophone attacks by Kurt Seifried
32
by Jeffrey Walton
CWE Research List
[Xccdf-dev] (no subject) by Gary Clark
6
by John Borkowski
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] unsubscribe by jamisan
0
by jamisan
XCCDF - The eXtensible Configuration Checklist Description Format
[MAEC] MAEC 5.0 Final Release by Kirillov, Ivan A.
3
by Terry MacDonald
MAEC - Malware Attribute Enumeration and Characterization
Re: CWE 3.0 - quick progress update - should include CQE by Joe Jarzombek
1
by Walter Houser
CWE Research List
CWE discussion/request for DNS related issue by Kurt Seifried
8
by Shifflett, David M [...
CWE Research List
CWE 3.0 - quick progress update by Christey, Steven M.
0
by Christey, Steven M.
CWE Research List
Question/Discussion about https://cwe.mitre.org/data/definitions/308.html by Kurt Seifried
1
by Kurt Seifried
CWE Research List
Question/discussion about CWE-830: Inclusion of Web Functionality from an Untrusted Source by Kurt Seifried
0
by Kurt Seifried
CWE Research List
Some more common programmer errors by Kurt Seifried
0
by Kurt Seifried
CWE Research List
[MAEC] MAEC 5.0 DRAFT Release by Kirillov, Ivan A.
2
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE for DNS/PTR/etc shenanigans by Kurt Seifried
0
by Kurt Seifried
CWE Research List
[MAEC] MAEC 5.0 Release Timeline by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
[MAEC] MAEC Supporters/Adopters Page by Kirillov, Ivan A.
0
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
CWE Schema Proposal by Andrew Buttner
1
by Andrew Buttner
CWE Research List
Suggestions for Changes to CWE-581 (UNCLASSIFIED) by Hood, Jonathan W CTR...
5
by Hood, Jonathan W CTR...
CWE Research List
[MAEC] Vendors adopting MAEC by Arun Lakhotia
2
by Kirillov, Ivan A.
MAEC - Malware Attribute Enumeration and Characterization
[Xccdf-dev] I don't want to unsubscribed by Roxy Mire
1
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
[Xccdf-dev] How to unsubscribe from xccdf-dev by Charles Schmidt (MIT...
6
by Roxy Mire
XCCDF - The eXtensible Configuration Checklist Description Format
1234 ... 211