MITRE's CWE (Common Weakness Enumeration)

CodeSonar's advanced static analysis engine automatically detects over 100 types of security vulnerabilities in your code, allowing you to accurately and efficiently eliminate risks of security breaches.

CodeSonar's warning classes also support several coding initiatives, including the CWE, in order to make compliance with industry standards efficient and effective during software development.

Common Weakness Enumeration (CWE)

GrammaTech's CodeSonar is certified as CWE-Compatible, recognizing that it supports the CWE to the highest level currently recognized by the organization.

The CWE is a list of software weaknesses and security vulnerabilities. This international list allows clear communication between different parties with interests in computer security, including researchers, tool designers, and users.

Relevant Warning Classes

The following shows the CodeSonar warning classes that are associated with CWE rules and are matched with CodeSonar 7.1.

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more
GrammaTech Resource Library
Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.
Shift Left Academy
Shift Left Academy is an educational resource to help implement a security first approach. Shift Left focuses on finding and preventing defects and security vulnerabilities early in the software development process
Blog
Posts by topic including static analysis, software assurance, and binary analysis