Classification of weaknesses and attacks

The Web Application Security Consortium (WASC) released Threat Classification 2.0. The Threat Classification is an effort to classify the weaknesses, and attacks that can lead to the compromise of a website, its data, or its users.

The TC is created and reviewed by industry experts with years of experience. The primary use is as a reference guide that can be included in security reports, security defects, presentations, and more. The TC content appears is numerous books, security products, and 3rd party security classification systems.

Here’s a partial list of companies utilizing the TC:

IBM (AppScan)
HP (Webinspect)
WhiteHat Security (Sentinel)
Positive Technologies (MaxPatrol) and Services
Qualys (QualysGuard Web Application Scanning)
F5 (Application Security Manager)
HoneyApps (Conduit).

Classification of weaknesses and attacks

Don't miss

National Student Clearinghouse MOVEit breach impacts nearly 900 schools

BinDiff: Open-source comparison tool for binary files

Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats

How global enterprises navigate the complex world of data privacy

Balancing cybersecurity with convenience and progress