Common Weakness Enumeration

A Community-Developed List of Software & Hardware Weakness Types

CWE Top 25 Most Dangerous Weaknesses
Home > CWE Top 25 > 2009 Top 25 Credited Contributors  

2009 Top 25 Credited Contributors
2009 Top 25 Credited Contributors

The following people or organizations are being publicly acknowledged because they provided us with substantive comments on the drafts. This public document is markedly improved thanks to their expert feedback.

Additionally, without the advice and collaboration from Alan Paller and Mason Brown from the SANS Institute, this effort would not be what it has become. Finally, CWE Team members Conor Harris and Janis Kenderdine deserve our endless thanks for their tireless and timely help in updating the CWE items and getting this material into a usable form on the web site.

Robert A. Martin & Steve Christey

Robert C. Seacord CERT
Pascal Meunier CERIAS, Purdue University
Matt Bishop University of California, Davis
Kenneth van Wyk KRvW Associates
Masato Terada Information-Technology Promotion Agency (IPA) (Japan)
Sean Barnum Cigital, Inc.
Mahesh Saptarshi Symantec Corporation
Cassio Goldschmidt Symantec Corporation
Adam Hahn MITRE
Jeff Williams Aspect Security and OWASP
Carsten Eiram Secunia
Josh Drake iDefense Labs at VeriSign, Inc.
Chuck Willis MANDIANT
Michael Howard Microsoft
Bruce Lowenthal Oracle Corporation
Mark J. Cox Red Hat Inc.
Jacob West Fortify Software
Djenana Campara Hatha Systems
James Walden Northern Kentucky University
Frank Kim ThinkSec
Chris Eng Veracode, Inc.
Chris Wysopal Veracode, Inc.
Ryan Barnett Breach Security
Antonio Fontes New Access SA (Switzerland)
Mark Fioravanti II Missing Link Security Inc.
Ketan Vyas Tata Consultancy Services (TCS)
Lindsey Cheng Secured Sciences Group, LLC
Ian Peters Secured Sciences Group, LLC
Tom Burgess Secured Sciences Group, LLC
Hardik Parekh RSA - Security Division of EMC Corporation
Matthew Coles RSA - Security Division of EMC Corporation
Ivan Ristic
Apple Product Security
Software Assurance Forum for Excellence in Code (SAFECode)
Core Security Technologies Inc.
Depository Trust & Clearing Corporation (DTCC)
The working group at the first OWASP ESAPI Summit
National Security Agency (NSA) Information Assurance Division
Department of Homeland Security (DHS) National Cyber Security Division
More information is available — Please select a different filter.
Page Last Updated: January 12, 2017