WASC Taxonomy Cross Reference
April 16th, 2010
Comments off
The Web Application Security Consortium (WASC) has made a very hany cross-reference. As it states on their website:
“This view contains a mapping of the WASC Threat Classification’s Attacks and Weaknesses with MITRE’s Common Weakness Enumeration, MITRE’s Common Attack Pattern Enumeration and Classification, OWASP Top Ten 2010 RC1 (original mapping with OWASP Top Ten from Jeremiah Grossman & Bill Corry) and SANS/CWE and OWASP Top Ten 2007 and 2004 (original mapping from Dan Cornell, Denim Group)”
The 49-listed WASC Threat Classifications are all mapped to atleast one of the other lists. A really helpfull guide when you use automated scanners and their report templates don’t match.
Here is the link.
