Write a discussion post (See discussion topic thread) (min 500 Words) On a security CVE / CWE that you find interesting to you. You can use a variety of sites and resources, examples could be such as MITRE, SANS, CISCO or sites that share cyber knowledge. Your post should contain a brief summary of the CVE/CWE and also include what the risks and recommendations are, how to look for it, why you thought it was interesting and anything else you may want to bring up to share to your peers.
- The second step is to engage / respond to at least 2 peers’ min 100 words
Assignment 2
Interlude:
We talked earlier about how when constructing code and applications we always have to think one step ahead in regard to our planning and preparation for security risks. This helps us later down the road mitigate potential threats and issues with our code. Part of security scripting is identifying potential CWE and CVEs that already exist and that could affect your code. So, what are CWEs and CVEs again.
CVEs are a standard for identifying and naming specific vulnerabilities.
CWEs (Common Weakness Enumeration) is a standard for classifying weaknesses that can lead to vulnerabilities.
CVEs help software devs and security teams recognize and track vulnerabilities. It allows for a quick reference to the vulnerability based on research that has already been done. It helps for improvement of speed and effectiveness of vulnerability management.
CWEs help software engineers tackle the more imperative vulnerabilities. It is identified weak points in the system.
Description:
For this assignment I want you all to take a moment and learn more about these and also share them with one another. This is an important skill in the community. Whether you’re a dev or a cyber team it is important to not just research consistently but also share that knowledge and build that network of communication making yourself and your peers stronger.
Requirements:
The assignment is as follows:
- Write a discussion post (See discussion topic thread) (min 500 Words) On a security CVE / CWE that you find interesting to you. You can use a variety of sites and resources, examples could be such as MITRE, SANS, CISCO or sites that share cyber knowledge. Your post should contain a brief summary of the CVE/CWE and also include what the risks and recommendations are, how to look for it, why you thought it was interesting and anything else you may want to bring up to share to your peers.
- The second step is to engage / respond to at least 2 peers’ min 100 words
Point Scale –
Initial Discussion Post 2.5 Points / Replies to peers 1.25 x 2
You must start a thread before you can read and reply to other threads