oval.mitre.org
OVAL - Open Vulnerability and Assessment Language
NEWS July 9, 2015. Open Vulnerability and Assessment Language. A Community-Developed Language for Determining Vulnerability and Configuration Issues on Computer Systems. Has transitioned to the Center for Internet Security (CIS). The MITRE OVAL website is in "Archive" status. OVAL in the Enterprise. Community Repositories of OVAL Content. Vulnerability Databases and Advisories. Security Content Automation (SCAP). February 09, 2016. OVAL Repository Announces Top Contributors Awards for Q2-2015. ToolsWat...
myremote.mitre.org
MITRE Connect Portal
Remote Access Portal Log In. Due to compatibility issues of the Remote Access Portal, Windows users are instructed to use an Edge or Chrome browser for the best experience. Mac systems should choose the Non-MITRE System configuration for the best experience. Remote access services are permitted from non-MITRE-owned systems so long as no sensitive information is printed or downloaded to the system.
msm.mitre.org
Making Security Measurable
A Collection of Information Security Community Standardization Activities and Initiatives. MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through registries. Of baseline security data, providing standardized languages. As means for accurately communicating the information, defining proper usage. And helping establish community approaches for standardized processes. MSM Directory of Efforts. Supply Chain Risk Management.
measurablesecurity.mitre.org
Making Security Measurable
A Collection of Information Security Community Standardization Activities and Initiatives. MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through registries. Of baseline security data, providing standardized languages. As means for accurately communicating the information, defining proper usage. And helping establish community approaches for standardized processes. MSM Directory of Efforts. Supply Chain Risk Management.
makingsecuritymeasurable.mitre.org
Making Security Measurable
A Collection of Information Security Community Standardization Activities and Initiatives. MITRE, in collaboration with government, industry, and academic stakeholders, is improving the measurability of security through registries. Of baseline security data, providing standardized languages. As means for accurately communicating the information, defining proper usage. And helping establish community approaches for standardized processes. MSM Directory of Efforts. Supply Chain Risk Management.
maec.mitre.org
MAEC - Malware Attribute Enumeration and Characterization
Malware Attribute Enumeration and Characterization. A Structured Language for Attribute-Based Malware Characterization. MAEC Language — Version 4.1. International in scope and free for public use, MAEC is a standardized language for encoding and communicating high-fidelity information about malware based upon attributes such as behaviors, artifacts, and attack patterns. Structured Threat Information (STIX). Threat Information Exchange (TAXII). Software Weakness Types (CWE). And (5) MAEC Idioms. Page Last...
cybox.mitre.org
CybOX -Cyber Observable Expression
A Structured Language for Cyber Observables. CybOX Language — Version 2.1. Our CybOX News Coverage Is Now Located in Our Combined STIX-TAXII-CybOX-MAEC News/Blog. Python-cybox Version 2.1.0.10 Now Available. CybOX, TAXII, and STIX Mentioned in Article about the President's New Initiative for Cyber Threat Information Sharing on GCN.com. CybOX, TAXII, and STIX Mentioned in Article about National Health ISAC's 60-Minute Response to the Anthem Attack. CybOX Version 2.1. CybOX is being transitioned to OASIS.
cwe.mitre.org
CWE -Common Weakness Enumeration
A Community-Developed List of Software Weakness Types. Is a community-developed list of common software security weaknesses. It serves as a common language, a measuring stick for software security tools, and as a baseline for weakness identification, mitigation, and prevention efforts. View the CWE List. View by Research Concepts. View by Development Concepts. View by Architectural Concepts. See the full CWE List. Page for enhanced information, downloads, and more. Total Software Weaknesses: 714.
cve.mitre.org
CVE -Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures. CVE List Rules and Guidance. CVE Request Web Form. All CVE List Documents. CVE Numbering Authorities (CNAs). Growth of CNA Program Worldwide. CVE Overview for Prospective CNAs. How to Become a CNA. All Documents for CNAs. CNA Rules, Version 2.0. CVE and NVD Relationship. Update a CVE Entry. TOTAL CVE Entries: 98200. CVE is a list. Of entries—each containing an identification number, a. CVE Entries are used in numerous cybersecurity products and services. March 22, 20...
cpe.mitre.org
CPE - Common Platform Enumeration
CPE Website is in Archive status — read the announcement. MITRE is pleased to announce that all intellectual property associated with CPE has been transferred to the U.S. National Institute for Standards and Technology (NIST). NIST holds operational responsibility for CPE, and has hosted both the Official CPE Dictionary. And the CPE Specifications. Go to the NIST websites for the most up-to-date information: Official CPE Dictionary. Software ID Tags (SWIDs). Security Content Automation (SCAP).
SOCIAL ENGAGEMENT