CAPEC - Resources


CAPEC Common Attack Pattern Enumeration and Classification A Community Resource for Identifying and Understanding Attacks	New to CAPEC? Start Here

Home > About CAPEC > Resources

About CAPEC

The publications and websites listed below also provide information about attack patterns.

Attack Patterns content area of the DHS-sponsored Build Security In website located at https://buildsecurityin.us-cert.gov/articles/knowledge/attack-patterns.
Moore, A. P.; Ellison, R. J.; & Linger, R. C. Attack Modeling for Information Security and Survivability (CMU/SEI-2001-TN-001, ADA388771). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2001.
Hoglund, Greg & McGraw, Gary. Exploiting Software: How to Break Code. Boston, MA: AddisonWesley, 2004 (ISBN 0-2017-8695-8).
Gegick, Michael & Williams, Laurie. "Matching Attack Patterns to Security Vulnerabilities in SoftwareIntensive System Designs." ACM SIGSOFT Software Engineering Notes, Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications SESS '05, Volume 30, Issue 4. New York, NY: ACM Press, 2005.
McGraw, Gary. Software Security: Building Security In. Boston, MA: Addison-Wesley, 2006. http://www.swsec.com/.

More information is available — Please select a different filter.

Page Last Updated or Reviewed: April 04, 2019


MITRE	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| CAPEC on Twitter CAPEC on LinkedIn CAPEC on YouTube CAPEC Out-of-Bounds-Read Podcast CAPEC Blog on Medium Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. Copyright © 2007–2025, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.	HSSEDI