CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE/SANS Top 25 > 2011 Credited Contributors  

2011 Credited Contributors

The following people or organizations are being publicly acknowledged because they provided us with substantive comments on the drafts. This public document is markedly improved thanks to their expert feedback.

Additionally, without the advice and collaboration from Alan Paller and Dennis Kirby from the SANS Institute, this effort would not be what it has become. Finally, CWE Team members Janis Kenderdine, Brendan Miles, John Mazella, Sean Barnum, and Scott Bennett deserve our endless thanks for their tireless and timely help in updating the CWE items and getting this material into a usable form on the web site.

Robert A. Martin & Steve Christey


Contributors to the "CWE/SANS Top 25 Most Dangerous Software Errors" list:

Mark J. Cox Red Hat Inc.
Carsten Eiram Secunia (Denmark)
Pascal Meunier CERIAS, Purdue University
Razak Ellafi & Olivier Bonsignour CAST Software
David Maxwell NetBSD
Cassio Goldschmidt & Mahesh Saptarshi Symantec Corporation
Chris Eng Veracode, Inc.
Paul Anderson Grammatech Inc.
Masato Terada Information-Technology Promotion Agency (IPA) (Japan)
Bernie Wong IBM
Dennis Seymour Ellumen, Inc.
Kent Landfield McAfee
Hart Rossman SAIC
Jeremy Epstein SRI International
Matt Bishop UC Davis
Adam Hahn & Sean Barnum MITRE
Jeremiah Grossman White Hat Security
Kenneth van Wyk KRvW Associates
Bruce Lowenthal Oracle Corporation
Jacob West Fortify Software, an HP Company
Frank Kim ThinkSec
Mark Fioravanti Department of Homeland Security (DHS), Science & Technology Directorate
Christian Heinrich (Australia)
Ketan Vyas Tata Consultancy Services (TCS)
Joe Baum Motorola Solutions
Matthew Coles, Aaron Katz, Izar Tarandach & Nazira Omuralieva RSA, the Security Division of EMC
National Security Agency (NSA) Information Assurance Division
Department of Homeland Security (DHS) National Cyber Security Division

The "CWE/SANS Top 25 Most Dangerous Software Errors" list relies upon the Common Weakness Scoring System (CWSS) as part of the ranking. The following individuals/organizations have contributed to evolving CWSS to date:

Bruce Lowenthal Oracle
Damir (Gaus) Rajnovic Cisco
Stephen Chasko
Chris Eng & Chris Wysopal Veracode
Capers Jones
Edward Luck & Martin Tan Dimension Data (Australia)
James Jardine Jardine Software
Jon Zucker Cenzic
Jason Liu Northrop Grumman
Ory Segal IBM
Mahi Dontamsetti DTCC
Hart Rossman SAIC
Tom Stracener
Rama Moorthy Hatha Systems
Rohit Sethi Security Compass
Chii-Ren Tsai Citigroup
Joe Jarzombek Department of Homeland Security (DHS), National Cyber Security Division
Richard Struse Department of Homeland Security (DHS), National Cyber Security Division
Page Last Updated: June 27, 2011