Security Enumerations
The September/October 2009 Crosstalk has an article by Robert A. Martin entitled "Making Security Measurable and Manageable" which includes a list of security enumerations. The security enumerations are:
- CVE
- Common Weakness Enumeration (CWE)
- Common Attack Pattern Enumeration and Classification (CAPEC)
- Common Configuration Enumeration (CCE)
- Common Platform Enumeration (CPE)
- The SANS Institute Top 20 Security Risks
- Open Web Application Security Project’s Top 10
- Web Application Security Consortiums Threat
- CWE/SANS Top 25 Most Dangerous Programming Errors