CISQ Automated Source Code Quality Measures with draft list of CWEs associated with Data Protection

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

CISQ Automated Source Code Quality Measures with draft list of CWEs associated with Data Protection

Joe Jarzombek

Attached is the flat list of CWEs that are relevant to CISQ Automated Source Code Quality Measures, including the draft list of CWEs associated with Data Protection.  Note:  For CISQ ASCQM, the parent CWEs are included even if all applicable child CWEs are included.

 

Additional review and input is still welcome.

 

Obvious, the CWE Data Protection View to be posted in Nov would include hardware design flaws that are not in scope of the CISQ ASCQM.

 

Regards,

 

   -Joe -

 

Joe Jarzombek, CSSLP 

Director for Government & Critical Infrastructure Programs

Email: [hidden email]  |  Mobile: 703 627-4644  |

https://www.synopsys.com/solutions/aerospace-defense.html

 


ASCQM CWEs Matrix including Data Protection.xlsx (28K) Download Attachment