What Is a CWE?

What Is a CWE?

 By Charles Joseph | Cybersecurity Advocate
 Last update: November 25, 2023

CWE stands for Common Weakness Enumeration. It’s a community-developed list of common software and hardware weaknesses that can lead to cybersecurity vulnerabilities.

It’s maintained by the MITRE Corporation.

Stay One Step Ahead of Cyber Threats

Want to Be the Smartest Guy in the Room? Get the Latest Cybersecurity News and Insights.
We respect your privacy and you can unsubscribe anytime.

The CWE system serves as a standard framework for identifying, classifying and categorizing known security weaknesses across different types of software systems.

By using CWEs, organizations can better understand the potential risks associated with different types of cyber threats and apply appropriate countermeasures to prevent attacks from occurring in the first place.

CWEs are regularly updated by industry professionals to reflect evolving threats and new attack vectors as they emerge over time.

What Is a Common Weakness Enumeration (CWE)? (Video)

"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional