CWE
Common Weakness Enumeration
Common Weakness Enumeration is a community-developed catalog of software and hardware weakness types. Each CWE entry describes a category of vulnerability (e.g., CWE-79 for XSS, CWE-89 for SQLi) with examples, mitigations, and detection methods.
Como é usado em cibersegurança
Security engineers reference CWE identifiers when classifying vulnerability findings and writing remediation guidance. SAST tools map their findings to CWE entries so developers understand the underlying weakness type. GRC analysts use CWE data in risk assessments to identify which weakness categories affect their organization most frequently.
Termo relacionado no glossário: common weakness enumeration
As definições são explicações originais escritas para fins de desenvolvimento profissional. Para definições técnicas autoritativas, consulte NIST, ISO ou o órgão de normalização correspondente.