MITRE's CWE (Common Weakness Enumeration)

Overview

CodeSonar's advanced static analysis engine automatically detects over 100 types of security vulnerabilities in your code, allowing you to accurately and efficiently eliminate risks of security breaches.

CodeSonar's warning classes also support several coding initiatives, including the CWE, in order to make compliance with industry standards efficient and effective during software development.

Common Weakness Enumeration (CWE)

CodeSecure's CodeSonar is certified as CWE-Compatible, recognizing that it supports the CWE to the highest level currently recognized by the organization.

The CWE is a list of software weaknesses and security vulnerabilities. This international list allows clear communication between different parties with interests in computer security, including researchers, tool designers, and users.

Relevant Warning Classes

The following shows the CodeSonar warning classes that are associated with CWE rules and which uses CWE 4.12, published June 29, 2023. For links to the manual and CSV mappings you will need to login into the support portal using your SSO account. 

More information can be found using the following link.

Was this article helpful?
2 out of 2 found this helpful

Articles in this section

See more
White Papers
Read our white papers to find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber-attacks.
Product Sheets
Read our datasheets and company briefs to gain quick insights into our solutions, products, and integrations, including their capabilities, benefits, and supported environments.
TalkSecure
Topics relating to DevSecOps, application security testing (AST), binary analysis, product security, software assurance and others.
X