and how the frequency of these weaknesses have changed.
Out of Bounds Read podcast - CWE and Hardware Security
CWE and Hardware Security YouTube
In our fifth episode, hardware experts discuss hardware CWEs and the "
2021 CWE™ Most Important Hardware Weaknesses List," including how the list will help the community, their favorite entries and surprising items on the list, and stories around hardware weaknesses.
Interviewees include:
Jason Fung, Director of Offensive Security Research and Academic Research Engagement at Intel
Jason Oberg, Cofounder and Chief Technology Officer at Tortuga Logic
Paul Wortman, Cybersecurity Research Scientist at Wells Fargo
Jasper von Woudenberg, CTO of Riscure North America and co-author of the "Hardware Hacking Handbook"
Nicole Fern, Senior Security Analyst at Riscure
Resources mentioned in this episode:
"
2021 CWE™ Most Important Hardware Weaknesses List"
Common Weakness Enumeration (CWETM)
Common Attack Pattern Enumeration and Classification (CAPECTM)
Out of Bounds Read podcast - The CWE 15th Anniversary Special
The CWE 15th Anniversary Special YouTube
This episode is a special cybersecurity awareness month podcast where we discuss the 15-year history and future of the CWE Program.
Interviewees include:
Bob Martin, Senior Principal Software and Supply Chain Assurance Engineer at MITRE
Joe Jarzombek, Director of Government and Critical Infrastructure Programs at Synopsis
Chris Eng, Chief Research Officer at Veracode
Chris Levendis, CWE/CAPEC Program Leader at MITRE
Drew Buttner, Software Assurance Capability Area Lead at MITRE
Resources mentioned in this episode:
Common Weakness Enumeration (CWE™)
Common Attack Pattern Enumeration and Classification (CAPECTM)
IS0/IEC 5055:2021 - Information technology; Software measurement; Software quality measurement; Automated source code quality measures
CWE-1340
Software Bill of Materials (SBOM)
Out of Bounds Read podcast - All About the 2021 Top 25 Most Dangerous Software Weaknesses
All About the 2021 Top 25 Most Dangerous Software Weaknesses YouTube
Steve Battista of the CWE/CAPEC Program interviews Rushi Purohit, who has helped lead the efforts behind the last few years’
Top 25 most dangerous software weaknesses publications. We talk about the new 2021 release of this list.
Resources mentioned in this episode:
2021 CWE Top 25
Methodology
Analysis
U.S. National Vulnerability Database (NVD)
Out of Bounds Read podcast - What Is CWE, Why Is It Important, and How Can It Help Me?
What Is CWE, Why Is It Important, and How Can It Help Me? YouTube |
MP3
Welcome to the inaugural episode of Out-of-Bounds Read, the
CWE/
CAPEC Program podcast!
In our first-ever episode, Steve Battista of the CWE/CAPEC Program interviews Steve Christey Coley, the CWE/CAPEC Program Technical Lead, about what
Common Weakness Enumeration (CWE™) is and the problem it aims to solve, who can benefit from CWE and how to leverage it, the role of the community, how CWE has evolved over time, and possibilities for the future.
Resources mentioned in this episode:
CWE/CAPEC on Twitter
CWE Submissions Form & Guidelines
Common Vulnerability Scoring System (CVSS)
U.S. National Vulnerability Database’s (NVD) CVSS calculator
Archived Episodes
Out of Bounds Read podcast - What is CAPEC, Why is It important, and How Can it Help Me?
What is CAPEC, Why is It important, and How Can it Help Me? (ARCHIVED) YouTube
NOTE: This episode has been ARCHIVED.
Steve Battista of the CWE/CAPEC Program interviews Rich Piazza, the CAPEC Task Lead, about what
Common Attack Pattern Enumeration and Classification (CAPEC™) and the problem it aims to solve, who can benefit from CAPEC and how to leverage it, the role of the community, how CAPEC has evolved over time, and possibilities for the future.
Resources mentioned in this episode:
CWE on Twitter
Common Attack Pattern Enumeration and Classification (CAPEC™)
More information is available — Please edit the custom filter or select a different filter.