Security-Database now mapping alerts with CWE/SANS Top 25

by

In: Metrics

9 April 2010

The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

We just updated our Vulnerability Cross Link Engine to take into account alerts classified as CWE/SANS Top 25.

This new feature will help auditors to better classify their security results during an assessement or pentesting session.

In each CVE alert entry, you should have an update status that warns you if the vulnerability is classified as CWE/SANS Top 25. Similarly, we have added an indication next to the CWE to differentiate it from others.

Here is an example : http://www.security-database.com/detail.php?alert=CVE-2010-1269

GIF - 8 kb

Stay vigilant and informed with our free IT Vulnerability & Threats Dashboard v2.0 beta.


Related Articles

Metrics