Sunday, April 18, 2010

Web Application threat mapping



If you are in the web application security area, you must be aware that there are multiple references you can use for highlighting the various threats but did you ever wanted to show a common reference point?


Folks at the web application security consortium has come up with just that, a mapping of the various classification references, which are WASC Threat Classification's Attacks and Weaknesses with MITRE's Common Weakness Enumeration, MITRE's Common Attack Pattern Enumeration and ClassificationOWASP Top Ten 2010 RC1 (original mapping with OWASP Top Ten from Jeremiah Grossman & Bill Corry) and SANS/CWE and OWASP Top Ten 2007 and 2004 


The mapping is available here.

No comments: