Abhay Bhargav
Mar 15 • 10 tweets • 6 min read
Realized that there's a huge gap in knowledge for some taxonomy and terms in #infosec. Here's a 🧵
Let's start with CWE from @CweCapec: Common Weakness Enumeration.
* This is not (🚫) a scoring system
* This is an identifier for a type of weakness, not for one particular bug
For example: SQL Injection is CWE-89
It has broad "parent" entries and more specific "child" entries (a specific entry like CWE-89 rolls up to more general injection-class parents). But at the end of the day, they are weakness-type IDs: they tell you what kind of flaw something is, not which product has it. 2/
Let's look at the one it's most confused with: CVE (@CVEnew). This is an identifier assigned to a specific vulnerability in a specific piece of publicly available software or hardware (commercial or OSS). Ex: CVE-2022-0847 is the CVE given to the Linux kernel #DirtyPipe vuln. 3/
It's a record of one specific vulnerability, but that record is also classified by a generic type of weakness, i.e. a CWE. Dirty Pipe is a good example of why the guess and the record can differ: it looks like memory corruption, but the root cause is that the flags on a freshly allocated pipe buffer were not initialized, so a stale PIPE_BUF_FLAG_CAN_MERGE flag let an unprivileged user write into page-cache pages backing a read-only file. NVD classifies it as CWE-665 (Improper Initialization), not as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). 4/
Then there's the scoring system, CVSS (Common Vulnerability Scoring System). It scores a vulnerability on three groups of metrics. The Base group is the baseline score for a vulnerability of its nature, independent of time and of where it is deployed. 5/
In CVSS v3.1 the Base metrics are the exploitability metrics (Attack Vector, Attack Complexity, Privileges Required, User Interaction), Scope, and the Confidentiality, Integrity and Availability impact metrics. Then there are the Temporal metrics: Exploit Code Maturity, Remediation Level and Report Confidence. These are the things that tend to change over the lifetime of the vulnerability, e.g. the score drops once an official fix ships. Finally, you have the Environmental metrics. 6/
These refer to the specifics of the environment where the target system is deployed, and they adjust the score for it: Confidentiality/Integrity/Availability Requirements (how much you care about each impact for this asset) and Modified Base metrics (e.g. an internal-only system gets a lower Attack Vector than the Base score assumed). In CVSS v2 this group was expressed as Collateral Damage Potential and Target Distribution instead. 7/
Finally you have CAPEC (Common Attack Pattern Enumeration and Classification). As the name suggests, it is a compendium of typical attack patterns and techniques, each linked to the CWEs it exploits (e.g. the SQL injection attack pattern points at CWE-89). 8/
It has multiple approaches to classification (by mechanism of attack and by domain of attack) and is very complementary to... you guessed it, the @MITREattack framework: CAPEC describes how an application-level weakness gets exploited, while ATT&CK catalogs the tactics and techniques adversaries use in real operations. It's a thoroughly awesome and underrated taxonomy and classification set.
That's a wrap!

If you enjoyed this thread:

1. Follow me @abhaybhargav for more of these
2. RT the tweet below to share this thread with your audience
