정보 보안 취약점 관련 용어와 사이트, CAPEC, CWE, CVE, CCE, ATT&CK, SAMATE
정리. 수알치 오상문
CAPEC: Common Attack Pattern Enumeration and Classification
일반 공격 패턴 및 분류
https://capec.mitre.org/community/related.html
CAPEC - Related Activities
<!--Begin TOC Related Activities Common Weakness Enumeration (CWE™) List of standardized software weaknesses, https://cwe.mitre.org Common Vulnerabilities and Exposures (CVE®) List of standardized vulnerability names, https://cve.mitre.org/cve Adver
capec.mitre.org
CWE: Common Weakness Enumeration
소스 코드 보안 취약점
https://cwe.mitre.org/
CWE - Common Weakness Enumeration
CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.
cwe.mitre.org
CVE: Common Vulnerabilities and Exposures
하드웨어 또는 소프트웨어 결함이나 체계/설계 취약점
https://www.cve.org/
cve-website
www.cve.org
CCE: Common Configuration Enumeration
시스템 설정 상의 취약점(권한상승, 변조, 유출 등)
https://cce.mitre.org/about/index.html
Common Configuration Enumeration (CCE) -- About CCE
About CCE — Archive Introduction The CCE List provides unique identifiers to security-related system configuration issues in order to improve workflow by facilitating fast and accurate correlation of configuration data across multiple information sources
cce.mitre.org
ATT&CK: Adversarial Tactics, Techniques & Common Knowledge
적대 전술/기술/지식
https://attack.mitre.org/
MITRE ATT&CK®
attack.mitre.org
SAMATE: The Software Assurance Metrics and Tool Evaluation
소프트웨어 보증 지표와 평가 도구
https://www.nist.gov/itl/ssd/software-quality-group/samate
SAMATE
Welcome to the Software Assurance Metrics And Tool Evaluation (SAMATE) Website! Software assurance is a set of methods and proc
www.nist.gov
'정보 보호, 보안, 해킹' 카테고리의 다른 글
| 해킹 입문 강의 : 정보 보안 기초 (0) | 2023.11.04 |
|---|---|
| 정보통신기반시설 취약점 분석 평가 기준 개정에 따른 제어시스템 보안 (0) | 2023.11.03 |
| 0-day(제로데이), 1-day(원데이), N-day(엔데이)=Olday(올데이) (0) | 2023.10.20 |
| 데이터 전송 프로토콜, 자세한 동영상 강의 (with 와이어샤크) (0) | 2023.10.14 |
| 2023년 암호모듈검증 전문교육 심화과정 안내 (온/오프라인) (0) | 2023.10.12 |