CWE - Community Members

Members

CWE is a community initiative, leveraging the knowledge, interests, and expertise of the individual researchers and organizations listed below to help develop the CWE List. All contributors are included, from 2006 through present day.

Apple
Aspect Security
Black Duck Software
CAST
CERIAS/Purdue University
CERT/CC (Software Engineering Institute, Carnegie Mellon University)
Cybersecurity and Infrastructure Security Agency (CISA)
Code Scan Labs
Consortium for IT Software Quality (CISQ)
Contrast Security
Core Security Technologies
Denim Group
Depository Trust & Clearing Corporation (DTCC)
Fortify Software Inc., now part of Hewlett Packard Enterprise
GrammaTech, Inc.
Information-technology Promotion Agency, Japan (IPA)
Institute for Defense Analyses (IDA)
Intel Corporation
International Business Machines (IBM)
Interoperability Clearing House (ICH)
James Madison University
Johns Hopkins University Applied Physics Laboratory
KDM Analytics
Kestrel Technology
Klocwork Inc.
LDRA
Microsoft Corporation
MIT Lincoln Labs
MITRE Corporation

National Institute of Standards and Technology (NIST)
National Security Agency
North Carolina State University
Object Management Group
Open Web Application Security Project (OWASP)
Oracle Corporation
Ounce Labs, Inc., now part of IBM Security
Palamida
Parasoft Corporation
PolySpace, now part of Mathworks
Red Hat
SAFECode
SANS Institute
SecureDecisions
Secure Software, Inc.
Security Innovation Inc.
Security University
Semantic Designs, Inc.
SofCheck, Inc., now part of AdaCore
Software Assurance Marketplace (SWAMP)
SonarSource
SureLogic
Synopsys
Tortuga Logic
Trustwave
VERACODE
Web Application Security Consortium (WASC)
Whitehat Security, Inc.

Sponsor

U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA)

Common Weakness Enumeration

CWE Community

Members

Sponsor


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.