The Department of Homeland Security released a dictionary of software weaknesses and their associated mitigation practices yesterday.
The guide, titled Common Weakness Enumeration version 2.0, was created in partnership with the Mitre Corporation and developed by experts in government, industry and academia across the software security community.
According to DHS, the CWE was completed by DHS’s National Cybersecurity Division under the Software Assurance Program. In collaboration with the private sector, the Software Assurance Program spearheads the development of practical guidance and tools while promoting research and development of secure software engineering.
The newly published catalog of known weaknesses is available for public use and will enable software developers to build secure software from the ground up while limiting software vulnerabilities that can potentially be exploited by malicious actors.