-
PSA related to CVE and the
#CWETop25: NIST is retiring NVD's XML feeds in October. (Guess how I found out ;-)) Might want to make sure you don't have any dependencies the XML feed. (json continues) https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement … -
#SQLinjection is no longer considered the top threat in#CWEtop25 but it's still common, easy, and dangerous#sqli#cybersecurityhttps://ubm.io/39NmYn4 -
CWE Top 25 (2019) – List of Top 25 Most Dangerous Software Weakness that Developers Need to Focus
#cwetop25#vulnerabil... https://thehackernews.co/cwe-top-25-2019-list-of-top-25-most-dangerous-software-weakness-that-developers-need-to-focus/?feed_id=2732&_unique_id=5dcb792e77a86 … -
SQLi increase also seems inconsistent with what OWASP seems to be reporting. Can't really compare
#CWETop25 from 2011 with the 2019 version due to major methodology changes :( and even NVD data prolly isn't directly comparable :( -
NVD has integrated the CWE mapping changes from the 2019 CWE Top 25 project. If you’re interested in replicating the methodology, get the new NVD data and see https://cwe.mitre.org/top25/archive/2019/2019_cwe_top25.html#remapping_task …
#CWETop25#NVD -
Memory Errors Top MITRE’s ‘Most Dangerous’ List, presenting biggest threat to orgs. New report reveals Top 25 most dangerous software errors–see how Virsec provides complete coverage for Top 10 errors, Memory and Web errors & more. https://buff.ly/30xuzjG
#Virsec#CWETop25#MITREpic.twitter.com/c3KHOdnJQl
-
So, CWE
@CweCapec@mitrecorp have released their Top 25 software errors that can lead to the most serious vulnerabilities in the software. What do you think about the Top 10? Agree/disagree.#cwetop25 https://loom.ly/asHfz_M -
.
@MITREcorp just issued the Top 25 List of Software Weaknesses via@CweCapec. Many of the top weakness have been on the list for years. Read more via@DarkReading https://www.darkreading.com/threat-intelligence/mitre-releases-2019-list-of-top-25-software-weaknesses/d/d-id/1335829 …#CWETop25#Software Security -
List of Top 25 Most Dangerous Software Flaws – 2019 CWE Top 25 Read More: https://gbhackers.com/2019-cwe-top-25/ … The list was generated based on the data-driven approach based on the CVE published NVD, as well as the CVSS scores associated with it.
#CWETop25#vulnerability#cybersecuritynewspic.twitter.com/U1XMAH9DE9
-
This is more useful to teach developers, IMHO, than the OWASP Top 10. Why? Because the OWASP Top 10 describes vulnerabilities or attacks (and isn't specific on what), using InfoSec language. MITRE's
#CWETop25, by contrast, talks to devs about dev behaviours using dev language. https://twitter.com/SushiDude/status/1174060168805539844 … -
We are investigating why CWE-20 (improper input validation) is #3 in the CWE Top 25. It's a broad class, often used in low-info disclosures. Many CVEs say "input validation" w/o more details. Could also indicate a gap in the CWEs that NIST uses for mapping.
#CWETop25@CweCapechttps://twitter.com/unixgeekem/status/1173979572330582016 … -
CVE Entries, combined with NVD’s CVSS scores, are the basis for the 2019 CWE Top 25 https://twitter.com/CweCapec/status/1174009323787341827 …
#cve#cveentries#CWETop25 -
The 2019 CWE Top 25 Most Dangerous Software Errors list is now available. See https://go.usa.gov/xVEgS .
#Cyber#Cybersecurity#InfoSec#CWETop25 -
#CWETop25 CWE Top 25
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.