CVSS, CVE, CWE, CAPEC – common standards security professionals should know:

– CVSS: severity of a vulnerability
– CVE: unique identifier for a vulnerability
– CWE: list of clearly described software weaknesses
– CAPEC: list of clearly described attack patterns

@infosechandbook CWE also comes with #CWSS which is similar to CVSS but not in a competitive way.

Sign in to participate in the conversation
Mastodon is a microblogging site that federates with most instances on the Fediverse.