A community-developed list of SW & HW weaknesses that can become vulnerabilities
The publicly available methodologies included here—Prioritization, CWSS, CWRAF, and the Top 25—help the community leverage the information in the CWE List in actionable ways to improve the quality of their products and/or the security of their enterprises.
Introduces specific steps you can take to (1) assess your individual software assurance situation, and (2) compose a tailored plan to strengthen assurance of integrity, reliability, and resilience of your software and its supply chain.
Includes all currently available CWE working documents.
For Fall 2007, MITRE's short-term strategy for obtaining CWE community feedback.
A summary of the main overall issues in CWE Draft 6.
Major discussion points identified that could have a significant impact on future versions of CWE.