CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > Compatibility  

CWE Compatibility
CWE Compatibility

The CWE Compatibility and Effectiveness Program provides for a product or service to be reviewed and registered as officially "CWE-Compatible" and "CWE-Effective," thereby assisting organizations in their selection and evaluation of tools and/or services for assessing their acquired software for known types of weaknesses and flaws, for learning about the various weaknesses and their possible impact, or to obtain training and education about these issues. Organizations with products and services still working towards compatibility and effectiveness are also listed.

CWE-Compatible Products and Services must meet the first four (4) of the six (6) requirements below, while CWE-Effective Products and Services must meet all six (6) requirements. Please review the complete set of requirements to fully understand CWE compatibility and effectiveness.

CWE Searchable users may search security elements using CWE identifiers
CWE Output security elements presented to users includes, or allows users to obtain, associated CWE identifiers
Mapping Accuracy security elements accurately link to the appropriate CWE identifiers
CWE Documentation capability's documentation describes CWE, CWE compatibility, and how CWE-related functionality in the capability is used
CWE Coverage for CWE-Compatibility and CWE-Effectiveness, the capability's documentation explicitly lists the CWE-IDs that the capability claims coverage and effectiveness against locating in software
CWE Test Results for CWE-Effectiveness, test results from the capability showing the results of assessing software for the CWEs are posted on the CWE Web site

See the CWE Compatibility and Effectiveness Program or email cwe@mitre.org for information on how to register your product(s) or services(s) as CWE-compatible or CWE-effective.

Page Last Updated: June 26, 2011