What is CAPEC ?

CAPEC (Common Attack Patterns Enumeration and Classification) is a community-developed formal list of common attack ppaterns. Attack patterns are descriptions of common methods for exploiting software providing the attacker's perspective and guidance on ways to mitigate their effect. They derive from the concept of design patterns applied in a destructive rather than constructive context and are generated from in-depth analysis of specific real-world exploit examples.

Security-Database use CVEs along the appropriate CAPECs if available.

What does it mean to be CAPEC-Compatible ?

"CAPEC-compatible" means that a tool, Web site, database, or other security product or service uses CAPEC names in a manner that allows it to be cross-referenced with other products that employ CAPEC names. CAPEC-compatible means:

  • CAPEC Searchable - users may search security elements using CAPEC identifiers.
  • CAPEC Output - security elements presented to users includes, or allows users to obtain, associated CAPEC identifiers
  • Mapping Accuracy - security elements accurately link to the appropriate CAPEC identifiers
  • CAPEC Documentation - capability's documentation describes CAPEC, CAPEC compatibility, and how CAPEC-related functionality in the capability is used
  • CAPEC Coverage - for CAPEC-Effectiveness, capability's documentation explicitly lists the CAPEC identifiers that the capability is effective at locating in software
  • CAPEC Test Results - for CAPEC-Effectiveness, test results from the capability showing the results of assessing software for the CAPECs are posted on the CAPEC Web site

Security-Database is creating a new generation of complete XML feed. The complete XML feed will enumerate every known information on a vulnerability (CVE, CPE, OVAL ID, CVSS, CWE, CAPEC, CCE, Vendor Patchs ...)

See the CAPEC Web site for detailed information on how a Web site, tool, database, or other security product/service becomes compatible, and for a complete list of CAPEC-compatible products and services.

How Security-Database uses CAPEC ?

Security-Database alerts quotation are mostly based on the publicly known vulnerabilities identified on the CVE List. CVE names (also called "CVE numbers," "CVE-IDs," and "CVEs") are unique, common identifiers for publicly known information security vulnerabilities. We have extended our web development to include CWEs and CAPECs.

Each CVE name includes the following:

  • CVE identifier number (i.e., "CVE-2003-0041").
  • Brief description of the security vulnerability or exposure.
  • Any pertinent references (i.e., vulnerability reports and advisories).
  • CVSS Version 2.0 scores
  • OVAL ID related alert if available
  • CWE ID if available
  • CAPEC ID if available

In order to enumerate all CAPECs entries according to the capec.mitre.org requirements documents and version, the direct link http://www.security-database.com/capec.php get from Menu (Resources -> Security Classification) could be used.

More information on CAPEC Compatibility ?

See the CAPEC Web site for detailed information on how a Web site, tool, database, or other security product or service becomes compatible, and for a complete list of CAPEC-compatible products and services