CWE_CAPEC

On this week's blog, we're building on the international “Top Routinely Exploited Vulnerabilities” joint #cybersecurity advisory to show you which CWE and CAPEC entries to pay attention to when building your software so it won't make the next list.https://bit.ly/2ZWwkMR 

You may have heard about the #CWE Top 25 List, but how is it calculated, and how can it help you? CWE's Steve Battista and Rushi Purohit address these questions and more on this week's episode of the Out-of-Bounds podcast.https://youtu.be/N3KD4LJMy64 

We’re happy to share an intro to the Common Attack Pattern Enumeration and Classification (CAPEC) on the Out-of-Bounds podcast! #CAPEC Lead Rich Piazza provides insight on why the resource was developed & how it helps the #infosec community:https://bit.ly/2WGVFZZ 

We’re pleased to announce the launch of our new podcast, Out-of-Bounds Read! In this first episode, hear about why #CWE was created, how the program helps the #infosec community, and more.https://youtu.be/mKcGLw9pfPc 

Remember that time Berkshire Hathaway's stock was so high that Warren Buffett was declared broke? Similar to #Y2K, #BuffettOverflow is making significant waves. Prevent this from occurring in your software! https://bit.ly/3Bd9Pld  #infosec

Find out why "an Apple 0-day could keep some customers away": https://bit.ly/3y6uwwA  #XML #iOS #appsec

How can the #CWE team make the tools offered more valuable to you and your organization? Find out what the internal project team is considering for the future to enhance the CWE Compatibility Program.https://bit.ly/3effUDV 

ICYMI, hear James Croall of @Synopsys and @Parasoft’s Arthur Hicken explore ways of increasing industry collaboration to build a more robust #CWE Compatibility Program. How else can we better serve you?https://bit.ly/33dVBk1