OWASP Top 10

That would be nice to try to update the relationships between CAPEC
and the OWASP Top 10 CWEs.

I would suggest using a mapping of the different versions of the OWASP Top 10.

e.g. for all the current CAPEC/CWE relationships to
CWE-713 OWASP Top Ten 2007 Category A2 - Injection Flaws
I would suggest adding the same relationship to
CWE-929 OWASP Top Ten 2013 Category A1 - Injection

Attached is the mapping suggested.

Thank you
Best regards

Attachment: OWASPTOP10_Mapping_CWE.xlsx (12K)