What is the relationship of SANS Institute to the CWE Top 25?
SANS is an active participant in the Department’s Software Assurance Forum (which is co-sponsored by DoD and NIST) and often engages with DHS and all other forum participants on related activities. SANS has been a contributor to the CWE through its development over the past few years. In addition, SANS agreed to leverage its “Top XXX” brand. SANS’s original Top 10/20 consensus effort and the concept behind it generated a desire by organizations to compare themselves against the list, which, in turn, motivated tool and service providers to offer reports about SANS’s Top 20 status. We hope that the CWE Top 25 will have the same effect in the software security weakness measurement and reporting industry, which is much needed to help focus organizations on specific, targeted efforts rather than general, broad-brush and diffuse efforts in improving software assurance.