CWE

Common Weakness Enumeration

A community-developed list of SW & HW weaknesses that can become vulnerabilities

New to CWE? click here!
CWE Most Important Hardware Weaknesses
CWE Top 25 Most Dangerous Weaknesses
Home > News > Industry News Coverage - 2010 Archive  
ID

Industry News Coverage - 2010 Archive
Industry News Coverage - 2010 Archive

Below is a comprehensive monthly review of the news and other media's coverage of CWE. A brief summary of each news item is listed with its title, author (if identified), date, and media source.

March 2010
March 2010

Federal News Radio, March 10, 2010

Federal News Radio interviewed CWE/CAPEC Program Manager Robert A. Martin on March 10, 2010 about CWE and the Top 25 Most Dangerous Programming Errors. In the interview, entitled "Top federal software security holes exposed," Martin states: "The big problem is that traditional education in our country and across the world for software developers, for testers, for program managers has pretty much ignored this area. We put them into our software because we didn't know how they happened. So the CWE, the full Common Weakness Enumeration and then this prioritized part of the CWE, which we're calling the Top 25 Most Dangerous Programming Errors is basically an education tool at the first level. These are issues you should be aware of. You should ask your developers "have you been trained to recognize these if someone puts them in accidentally? Do you know how to program around these so that you don't introduce them?" You test people. "Do you know how to try to misuse and abuse your system?" So that, if there any of these latently in your software, you can find them before the user has it in his hands." A summary of the interview was published on the Federal News Radio Web site.

Federal News Radio, March 3, 2010

Federal News Radio interviewed Joe Jarzombek, director for software assurance in the National Cyber Security Division of the Department of Homeland Security, on March 3, 2010 about software assurance. In the interview, entitled, "Software assurance affects more than just programmers," Jarzombek "explains why the CWE benefits cyber security -- and why this impacts more than programmers." A summary of the interview was published on the Federal News Radio Web site.

February 2010
February 2010

2010 CWE/SANS Top 25 Programming Errors List Receives Extensive News Coverage

CWE and the SANS Institute posted the completed 2010 CWE/SANS Top 25 Programming Errors on the CWE and SANS Web sites on February 16, 2010. A collaboration between the SANS Institute, MITRE, and over 40 top software security experts in the U.S. and Europe, the list provides detailed descriptions of the top 25 programming errors along with authoritative guidance for mitigating and avoiding them.

The release received extensive news media coverage:

Page Last Updated: March 30, 2018