all InfoSec news
Measuring the Exploitation of Weaknesses in the Wild
May 3, 2024, 4:15 a.m. | Peter Mell, Irena Bojanova, Carlos Galhardo
cs.CR updates on arXiv.org arxiv.org
Abstract: Identifying the software weaknesses exploited by attacks supports efforts to reduce developer introduction of vulnerabilities and to guide security code review efforts. A weakness is a bug or fault type that can be exploited through an operation that results in a security-relevant error. Ideally, the security community would measure the prevalence of the software weaknesses used in actual exploitation. This work advances that goal by introducing a simple metric that utilizes public data feeds to …
arxiv attacks bug can code code review community cs.cr developer error exploitation exploited guide in the wild introduction measuring relevant results review security security community software vulnerabilities weakness weaknesses
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Cyber Crime Student Internship
@ West Midlands Police | Birmingham, West Midlands, United Kingdom
Cyber Security Engineer (Junior/Journeyman)
@ CSEngineering | El Segundo, CA 90245, USA
Application Security Lead
@ Tokio Marine HCC | United Kingdom