Common Weakness Enumeration (CWE)
The Common Weakness Enumeration (CWE) is a community-developed catalog of over 600 categories for hardware and software weaknesses and vulnerabilities, maintained by MITRE and sponsored by the U.S. Department of Homeland Security’s CISA. It provides a common language and taxonomy to help developers identify, fix, and prevent security flaws before deployment. Knowing the weaknesses that result in vulnerabilities means software developers, hardware designers, and security architects can eliminate them before deployment, when it is much easier and cheaper to do so.
