cat slave diary

mostly useless crap from me

MITRE Vulnerability trends released

without comments

In September, MITRE talked about statistical proof that apps still suck on a mail list. In fact, web apps suck much more than any other form of vulnerability.

MITRE was surprised that their data set was so popular, and cleaned it up and released it.

http://cwe.mitre.org/documents/vuln-trends.html 

These will form the basis of the OWASP Top 10 2007, and as I’m also working on the SANS Top 20 2006 will contain some or all of this detail, with some luck.

Written by vanderaj

October 6th, 2006 at 10:01 am

Posted in OWASP, Security

« Reviewing Spring Web Flow apps (and JSTL and Spring Framework)
Attack vector for Windows Genuine Disadvantage »

Leave a Reply