Making of the CWE Top-25, 2010 Edition

Page Content

Pascal Meunier - Purdue University

Mar 10, 2010

Size: 444.7MB

Download: Video Icon MP4 Video   Flash Icon Watch in your Browser (Flash Required)  

Abstract

For the second time, MITRE's Common Weakness Enumeration project has released a Top-25 list. However, this year's is a much more sophisticated document, created using a systematic and more rigorous approach. It contains several sections and tables as well as profiles, and isn't only a list. I will
explain what the CWE is, what the purpose of the Top-25 is, how it was created,
which problems it faced and which it still faces, how it has been improved
since last year, and how you can use it.

About the Speaker

Pascal Meunier received his B.S. in Physics in 1986 from Laval University, Ph.D. in Biophysics from the University of Québec in 1990, and M.Sc. in computer science from Purdue in 2000. Dr. Meunier has since worked at CERIAS on projects such as the Cassandra system (https://cassandra.cerias.purdue.edu), vulnerabilities of PDAs in a wireless environment, and vulnerability analysis (https://coopvdb.cerias.purdue.edu). He has been on the board of editors of the CVE at MITRE since 1999, and is adjunct faculty in Norwich University's program for their online Masters in Information Assurance.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

© 1999-2013 Purdue University. All rights reserved.

Use/Reuse Guidelines

CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.