2011 Credited Contributors
The following people or organizations are being publicly acknowledged
because they provided us with substantive comments on the drafts.
This public document is markedly improved thanks to their expert
feedback.
Additionally, without the advice and collaboration from Alan Paller and
Dennis Kirby from the SANS Institute, this effort would not be what it
has become. Finally, CWE Team members Janis Kenderdine, Brendan Miles,
John Mazella, Sean Barnum, and Scott Bennett deserve our endless thanks
for their tireless and timely help in updating the CWE items and getting
this material into a usable form on the web site.
Robert A. Martin & Steve Christey
Contributors to the "CWE/SANS Top 25 Most Dangerous Software Errors" list:
Mark J. Cox |
Red Hat Inc. |
Carsten Eiram |
Secunia (Denmark) |
Pascal Meunier |
CERIAS, Purdue University |
Razak Ellafi & Olivier Bonsignour |
CAST Software |
David Maxwell |
NetBSD |
Cassio Goldschmidt & Mahesh Saptarshi |
Symantec Corporation |
Chris Eng |
Veracode, Inc. |
Paul Anderson |
Grammatech Inc. |
Masato Terada |
Information-Technology Promotion Agency (IPA) (Japan) |
Bernie Wong |
IBM |
Dennis Seymour |
Ellumen, Inc. |
Kent Landfield |
McAfee |
Hart Rossman |
SAIC |
Jeremy Epstein |
SRI International |
Matt Bishop |
UC Davis |
Adam Hahn & Sean Barnum |
MITRE |
Jeremiah Grossman |
White Hat Security |
Kenneth van Wyk |
KRvW Associates |
Bruce Lowenthal |
Oracle Corporation |
Jacob West |
Fortify Software, an HP Company |
Frank Kim |
ThinkSec |
Mark Fioravanti |
Department of Homeland Security (DHS), Science & Technology Directorate |
Christian Heinrich |
(Australia) |
Ketan Vyas |
Tata Consultancy Services (TCS) |
Joe Baum |
Motorola Solutions |
Matthew Coles, Aaron Katz, Izar Tarandach & Nazira Omuralieva |
RSA, the Security Division of EMC |
National Security Agency (NSA) Information Assurance Division |
Department of Homeland Security (DHS) National Cyber Security Division |
The "CWE/SANS Top 25 Most Dangerous Software Errors" list relies upon
the Common Weakness Scoring System (CWSS) as part of the ranking. The
following individuals/organizations have contributed to evolving CWSS
to date:
Bruce Lowenthal |
Oracle |
Damir (Gaus) Rajnovic |
Cisco |
Stephen Chasko |
|
Chris Eng & Chris Wysopal |
Veracode |
Capers Jones |
|
Edward Luck & Martin Tan |
Dimension Data (Australia) |
James Jardine |
Jardine Software |
Jon Zucker |
Cenzic |
Jason Liu |
Northrop Grumman |
Ory Segal |
IBM |
Mahi Dontamsetti |
DTCC |
Hart Rossman |
SAIC |
Tom Stracener |
|
Rama Moorthy |
Hatha Systems |
Rohit Sethi |
Security Compass |
Chii-Ren Tsai |
Citigroup |
Joe Jarzombek |
Department of Homeland Security (DHS), National Cyber Security Division |
Richard Struse |
Department of Homeland Security (DHS), National Cyber Security Division |
More information is available — Please edit the custom filter or select a different filter.
|