2010 CWE/SANS Top 25 Most Dangerous Programming Errors Published

Industry specialist published the “2010 CWE/SANS Top 25 Most Dangerous Programming Errors” – a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. The list’s the result of collaboration between SANS Institute, MITRE, and top software security experts in US and Europe. It leverages experiences in development of […]

Industry specialist published the “2010 CWE/SANS Top 25 Most Dangerous Programming Errors” – a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. The list’s the result of collaboration between SANS Institute, MITRE, and top software security experts in US and Europe. It leverages experiences in development of SANS Top 20 attack vectors and MITRE's Common Weakness Enumeration (CWE). MITRE maintains CWE web site, with support of US Department of Homeland Security's National Cyber Security Division, presenting detailed descriptions of top 25 programming errors along with authoritative guidance for mitigating and avoiding them. CWE site contains data on more than 800 programming errors, design errors, and architecture errors that can lead to exploitable vulnerabilities. “They’re often easy to find, and easy to exploit. They’re dangerous because they’ll frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.”

More info: 2010 CWE/SANS