From the course: Developing Secure Software (2015)
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Security vulnerabilities
From the course: Developing Secure Software (2015)
Security vulnerabilities
- Security vulnerabilities need to be managed systematically to help identify weaknesses in the affected source code of a software system. A close inspection of the source code sometimes leads to something more fundamental, that is, a design flaw. Many automated vulnerability management systems take advantage of the common vulnerabilities and exposures, or CVE, database maintained by MITRE. CVE is a repository of all the reported security vulnerabilities associated with a specific software system. Each CVE entry has a unique identifier which is commonly used by many commercial vulnerability management systems to refer to a specific software vulnerability. On the other hand, common weakness enumeration, or CWE, categorizes the vulnerabilities identified in CVE. Therefore, CWE has much fewer entries in its database and offers a list of all the different types of vulnerabilities instead of their instances. CVE has too many software product-specific details to be useful for us to use it…
Contents
-
-
-
-
-
Introduction to secure design1m 31s
-
(Locked)
Security tactics1m 21s
-
(Locked)
Security patterns1m 38s
-
(Locked)
Security vulnerabilities2m 1s
-
(Locked)
Architectural analysis for security2m
-
(Locked)
Case study: Setting the Stage33s
-
(Locked)
Case study: Tactic-Oriented Architectural Analysis1m 36s
-
(Locked)
Case study: Pattern-Oriented Architectural Analysis2m 33s
-
(Locked)
Case study: Vulnerability-Oriented Architectural Analysis1m 44s
-
(Locked)
Software security anti-patterns2m 7s
-
-
-
-
-