|
|
|
“Out-Of-Bounds Read” is the CWE/CAPEC Program’s free podcast devoted to helping the community that protects systems by understanding weaknesses and attack patterns in software and hardware. Listen now on the CWE/CAPEC Program Channel on YouTube, the Out-of-Bounds Read page on Buzzsprout, or on podcast platforms.
|
|
Using CWE/CAPEC in Education - Episode 8 YouTube | Buzzsprout
In this episode, we chat with Pietro Braione of Università degli Studi di Milano - Bicocca about how he uses CWE and CAPEC to help in college-level classes to teach cybersecurity. How the taxonomy can help teach the breath of issues for software development is also discussed.
|
|
|
Why Cisco Uses CWE While Looking at Fixing Vulnerabilities - Episode 7 YouTube | Buzzsprout
In our seventh episode, we talk with Cisco’s Tim Wadhwa-Brown, Security Research and Offensive Security for Professional Services in Europe and Jared Pendleton, Advanced Security Initiatives Group about how Cisco uses CWE for finding and fixing vulnerabilities. They find it useful to help categorize the types of vulnerabilities to help determine the root cause of possible future vulnerabilities.
|
|
|
Beyond the Buffer Overflow: Finding Weaknesses in Software, an Interview with Larry Cashdollar - Episode 6 YouTube | Buzzsprout
In our sixth episode, Larry Cashdollar of Akamai talks about the types of weaknesses in the many CVEs he has found as a CVE Numbering Authority and how the frequency of these weaknesses have changed. CAPEC is also mentioned.
|
|
|
What Is CWE, Why Is It Important, and How Can It Help Me? - Episode 1 YouTube | MP3
Welcome to the inaugural episode of Out-of-Bounds Read, the CWE/CAPEC Program podcast!
In our first-ever episode, Steve Battista of the CWE/CAPEC Program interviews Steve Christey Coley, the CWE/CAPEC Program Technical Lead, about what Common Weakness Enumeration (CWE™) is and the problem it aims to solve, who can benefit from CWE and how to leverage it, the role of the community, how CWE has evolved over time, and possibilities for the future.
Resources mentioned in this episode:
CWE/CAPEC on Twitter
CWE Submissions Form & Guidelines
Common Vulnerability Scoring System (CVSS)
U.S. National Vulnerability Database’s (NVD) CVSS calculator
|
More information is available — Please edit the custom filter or select a different filter.
|