ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

TIs for CWEs

book

Article ID: 173301

calendar_today

Updated On:

Products

Endpoint Protection Mobile

Issue/Introduction

Common Weakness Enumeration (CWE) is a system for categorizing software weaknesses and potential vulnerabilities. Of the over 600 categories in the standard, Appthority MTT Researchers have mapped Threat Indicators to dozens of them.

CWEs are closely related to Common Vulnerabilities and Exposures (CVEs). While CWEs are weaknesses in software coding practices, CVEs are actual vulnerabilities discovered in software products. Appthority MTP discovers CVEs in mobile devices and displays them on the Devices > Device ID > CVEs page. See also the Appthority CVEs FAQ entry

Resolution

Use the attached PDF to determine what TIs to include in your custom policies or look for in App Reports for CWE detection.

Attachments

Industry Standards and Appthority - CWE - TI Mapping 28Aug18.pdf get_app