Help me fill out a list of flaw types
Josh Bressers
bressers at redhat.com
Mon Aug 12 18:20:46 UTC 2013
>
> Did you have a particular use-case in mind for your list? Will you be
> accessing this list programmatically or just for human consumption?
> Perhaps a schema/classification skeleton we could start with? Do you
> want a list of specific exploits/vulnerabilities (so you might start
> with local and remote for example then drill down with stack exploits,
> cross site injections etc) or just a list of the monikers of actual
> exploits like "sasser", or something more like "social engineering",
> "network", "program code"..."input validation", etc?
>
Basically it's just a list for me. I'm putting together a nice list of
possible topics for a variety of reasons. I figured it would be nice to get
input from others, and obvious make such a list public for anyone who
wanted something similar.
It's a pretty open request, so I'd say anything goes. If you have some
ideas, jot them down.
Thanks.
--
Josh Bressers / Red Hat Product Security Team
More information about the security
mailing list