UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ITU-T X.1525

Common weakness scoring system

active, Most Current
Buy Now
Organization: ITU-T
Publication Date: 1 April 2015
Status: active
Page Count: 38
scope:

This Recommendation provides a standardized approach for communicating the characteristics and impacts of weaknesses during development of ICT software capabilities using attack surface and environmental metrics to apply contextual information. CWSS more accurately reflects the risk to the user of the software capability, given the unique business context it will function within for the user, and the unique business capability the software is providing to the user.

Document History

ITU-T X.1525
April 1, 2015
Common weakness scoring system
This Recommendation provides a standardized approach for communicating the characteristics and impacts of weaknesses during development of ICT software capabilities using attack surface and...

References

This document references:
ITU-T X.1544 - Common attack pattern enumeration and classification
Published by ITU-T on April 1, 2013
This Recommendation provides for the structured exchange of publicly available attack patterns along with a comprehensive schema and classification taxonomy.
This document references:
ITU-T X.1524 - Common weakness enumeration
Published by ITU-T on March 1, 2012
This Recommendation on the use of the common weakness enumeration (CWE) provides a "structured means" for the global exchange of information about software security weaknesses in architecture,...
This document references:
ITU-T X.1521 - Common vulnerability scoring system 3.0
Published by ITU-T on March 1, 2016
This Recommendation provides a standardized approach for communicating the characteristics and impacts of ICT vulnerabilities using temporal and environmental metrics that apply contextual...
This document references:
ITU-T X.1520 - Common vulnerabilities and exposures
Published by ITU-T on January 1, 2014
This Recommendation on the use of the common vulnerabilities and exposures provides a "structured means" for the global exchange of publicly known, mature vulnerabilities and exposures information...
This document references:
ITU-T X.1500 - Overview of cybersecurity information exchange Amendment 3: Revised structured cybersecurity information exchange techniques
Published by ITU-T on April 1, 2013
A description is not available for this item.
This document is referenced by:
ISO/IEC DIS 30754 - Information technology - Software trustworthiness - Governance and management - Specification
Published by ISO on April 6, 2016
This International Standard provides a specification for software trustworthiness, that is intended to be a widely applicable approach that can be customised for any organization, and to software in...
This document is referenced by:
ITU-T X.1214 - Security assessment techniques in telecommunication/information and communication technology networks
Published by ITU-T on March 1, 2018
This Recommendation discusses security assessment techniques that can be used on software-based elements in telecommunication/information and communication technology (ICT) networks. Both traditional...
View Less
View All
Advertisement