CWE Mapping

-= Supported CWE identifiers = -A complete listing of the CWE identifiers supported by !ThreadFix v1.2 (and the current set of integrated scanners) can be found by viewing [http://cwe.mitre.org/data/index.html CWE 2.5]. !ThreadFix allows for manual entry of vulnerabilities, allowing for complete coverage/support of all CWE identifiers found in [http://cwe.mitre.org/data/index.html CWE 2.5].

-= Identified vulnerabilities are mapped to CWE identifiers =

-==Step 1: From the applications page, expand the target vulnerability type group==

-http://wiki.threadfix.googlecode.com/git/CWE1.2_Step1.jpg

-==Step 2: Select the ‘View More’ Link for the desired vulnerability.==

-http://wiki.threadfix.googlecode.com/git/CWE1.2_Step2.jpg

-==Step 3: Click on the CWE Entry URL to navigate to the to the associated CWE identifier on MITRE’s website.==

-http://wiki.threadfix.googlecode.com/git/CWE1.2_Step3.jpg

-= Filtering by CWE Identifier =

-Filtering vulnerability data is a feature of !ThreadFix. Users can filter many criteria including CWE identifier.

-==Step 1: On the application page, click the 'Show Filters' link==

-http://wiki.threadfix.googlecode.com/git/CWE1.2_FilterbyID_Step1.jpg

-==Step 2: Type in the CWE ID number, click the ‘Filter’ link.==

-http://wiki.threadfix.googlecode.com/git/CWE1.2_FilterbyID_Step2.jpg

-==Step 3: Results associated with the specified CWE ID will be displayed immediately below.==

-http://wiki.threadfix.googlecode.com/git/CWE1.2_FilterbyID_Step3.jpg