From the course: Developing Secure Software (2015)

Security vulnerabilities

- Security vulnerabilities need to be managed systematically to help identify weaknesses in the affected source code of a software system. A close inspection of the source code sometimes leads to something more fundamental, that is, a design flaw. Many automated vulnerability management systems take advantage of the Common Vulnerabilities and Exposures, or CVE, database maintained by MITRE. CVE is a repository of all the reported security vulnerabilities associated with a specific software system. Each CVE entry has a unique identifier, which is commonly used by many commercial vulnerability management systems to refer to a specific software vulnerability. On the other hand, Common Weakness Enumeration, or CWE, categorizes the vulnerabilities identified in CVE. Therefore, CWE has far fewer entries in its database and offers a list of all the different types of vulnerabilities instead of their instances. CVE has too many software product-specific details to be useful for us to use it…
